Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-41881 (GCVE-0-2022-41881)
Vulnerability from cvelistv5 – Published: 2022-12-12 00:00 – Updated: 2025-04-22 15:57
VLAI
EPSS
Summary
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
Severity
5.3 (Medium)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Assigner
References
4 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:56:38.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v"
},
{
"name": "[debian-lts-announce] 20230111 [SECURITY] [DLA 3268-1] netty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html"
},
{
"name": "DSA-5316",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5316"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230113-0004/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41881",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:39:04.984423Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T15:57:46.309Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "netty",
"vendor": "netty",
"versions": [
{
"status": "affected",
"version": "\u003c 4.1.86.Final"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674: Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-13T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v"
},
{
"name": "[debian-lts-announce] 20230111 [SECURITY] [DLA 3268-1] netty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html"
},
{
"name": "DSA-5316",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5316"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230113-0004/"
}
],
"source": {
"advisory": "GHSA-fx2c-96vj-985v",
"discovery": "UNKNOWN"
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-41881",
"datePublished": "2022-12-12T00:00:00.000Z",
"dateReserved": "2022-09-30T00:00:00.000Z",
"dateUpdated": "2025-04-22T15:57:46.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-41881",
"date": "2026-06-16",
"epss": "0.01466",
"percentile": "0.70212"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.1.86\", \"matchCriteriaId\": \"23E33B4F-0C2C-4943-B9EE-9E446C3BE7FD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.\"}, {\"lang\": \"es\", \"value\": \"El proyecto Netty es un framework de aplicaci\\u00f3n de red as\\u00edncrona impulsado por eventos. En versiones anteriores a la 4.1.86.Final, se puede generar un StackOverflowError al analizar un mensaje manipulado con formato incorrecto debido a una recursividad infinita. Este problema se solucion\\u00f3 en la versi\\u00f3n 4.1.86.Final. No existe ning\\u00fan workaround, excepto utilizar un HaProxyMessageDecoder personalizado.\"}]",
"id": "CVE-2022-41881",
"lastModified": "2024-11-21T07:23:58.807",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2022-12-12T18:15:12.773",
"references": "[{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230113-0004/\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5316\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20230113-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5316\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-674\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-674\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-41881\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2022-12-12T18:15:12.773\",\"lastModified\":\"2024-11-21T07:23:58.807\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.\"},{\"lang\":\"es\",\"value\":\"El proyecto Netty es un framework de aplicaci\u00f3n de red as\u00edncrona impulsado por eventos. En versiones anteriores a la 4.1.86.Final, se puede generar un StackOverflowError al analizar un mensaje manipulado con formato incorrecto debido a una recursividad infinita. Este problema se solucion\u00f3 en la versi\u00f3n 4.1.86.Final. No existe ning\u00fan workaround, excepto utilizar un HaProxyMessageDecoder personalizado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-674\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-674\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.86\",\"matchCriteriaId\":\"23E33B4F-0C2C-4943-B9EE-9E446C3BE7FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230113-0004/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5316\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230113-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5316\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2023_0577
Vulnerability from csaf_redhat - Published: 2023-02-16 12:57 - Updated: 2024-12-10 17:42Summary
Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.7 security update
Severity
Moderate
Notes
Topic: An update is now available for Red Hat build of Eclipse Vert.x.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.
Details: This release of Red Hat build of Eclipse Vert.x 4.3.7 GA includes security updates. For more information, see the release notes listed in the References section.
Security Fix(es):
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* dev-java-snakeyaml: dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Eclipse Vert.x 4.3.7
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Eclipse Vert.x 4.3.7
Red Hat / Red Hat OpenShift Application Runtimes
|
cpe:/a:redhat:openshift_application_runtimes:1.0
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Eclipse Vert.x.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Eclipse Vert.x 4.3.7 GA includes security updates. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* dev-java-snakeyaml: dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0577",
"url": "https://access.redhat.com/errata/RHSA-2023:0577"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.7",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.eclipse.vertx\u0026version=4.3.7"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.3/html/release_notes_for_eclipse_vert.x_4.3/index"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0577.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.7 security update",
"tracking": {
"current_release_date": "2024-12-10T17:42:45+00:00",
"generator": {
"date": "2024-12-10T17:42:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:0577",
"initial_release_date": "2023-02-16T12:57:15+00:00",
"revision_history": [
{
"date": "2023-02-16T12:57:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-16T12:57:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-10T17:42:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Eclipse Vert.x 4.3.7",
"product": {
"name": "Red Hat build of Eclipse Vert.x 4.3.7",
"product_id": "Red Hat build of Eclipse Vert.x 4.3.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-16T12:57:15+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Eclipse Vert.x 4.3.7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-16T12:57:15+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Red Hat build of Eclipse Vert.x 4.3.7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Eclipse Vert.x 4.3.7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
}
]
}
RHSA-2023_0713
Vulnerability from csaf_redhat - Published: 2023-02-09 11:35 - Updated: 2024-12-16 02:04Summary
Red Hat Security Advisory: Red Hat Data Grid 8.4.1 security update
Severity
Important
Notes
Topic: An update for Red Hat Data Grid 8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.4.1 replaces Data Grid 8.4.0 and includes bug fixes and enhancements. Find out more about Data Grid 8.4.1 in the Release Notes[3].
Security Fix(es):
* mina-sshd: Java unsafe deserialization vulnerability [jdg-8] (CVE-2022-45047)
* file-type: a malformed MKV file could cause the file type detector to get caught in an infinite loop [jdg-8] (CVE-2022-36313)
* loader-utils: loader-utils:Regular expression denial of service [jdg-8] (CVE-2022-37603)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS [jdg-8] (CVE-2022-41881)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [jdg-8] (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays [jdg-8] (CVE-2022-42004)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the file-type npm package. A malformed MKV file could lead the file type detector to a denial of Service. This issue allows an attacker to input a malicious file and make the server unresponsive.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.4.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.4.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.4.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.4.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.4.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Data Grid 8.4.1
Red Hat / Red Hat JBoss Data Grid
|
cpe:/a:redhat:jboss_data_grid:8
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid 8 is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.4.1 replaces Data Grid 8.4.0 and includes bug fixes and enhancements. Find out more about Data Grid 8.4.1 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* mina-sshd: Java unsafe deserialization vulnerability [jdg-8] (CVE-2022-45047)\n\n* file-type: a malformed MKV file could cause the file type detector to get caught in an infinite loop [jdg-8] (CVE-2022-36313)\n\n* loader-utils: loader-utils:Regular expression denial of service [jdg-8] (CVE-2022-37603)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS [jdg-8] (CVE-2022-41881)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS [jdg-8] (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays [jdg-8] (CVE-2022-42004)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0713",
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=8.4\u0026downloadType=patches",
"url": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=8.4\u0026downloadType=patches"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.4/html-single/red_hat_data_grid_8.4_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.4/html-single/red_hat_data_grid_8.4_release_notes/index"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2159682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159682"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0713.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 8.4.1 security update",
"tracking": {
"current_release_date": "2024-12-16T02:04:20+00:00",
"generator": {
"date": "2024-12-16T02:04:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:0713",
"initial_release_date": "2023-02-09T11:35:44+00:00",
"revision_history": [
{
"date": "2023-02-09T11:35:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-09T11:35:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-16T02:04:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid 8.4.1",
"product": {
"name": "Red Hat Data Grid 8.4.1",
"product_id": "Red Hat Data Grid 8.4.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-36313",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2159682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the file-type npm package. A malformed MKV file could lead the file type detector to a denial of Service. This issue allows an attacker to input a malicious file and make the server unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "file-type: a malformed MKV file could cause the file type detector to get caught in an infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36313"
},
{
"category": "external",
"summary": "RHBZ#2159682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36313"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36313",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36313"
}
],
"release_date": "2022-07-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-09T11:35:44+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.1 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.1 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.1, refer to the 8.4.1 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "file-type: a malformed MKV file could cause the file type detector to get caught in an infinite loop"
},
{
"cve": "CVE-2022-37603",
"cwe": {
"id": "CWE-185",
"name": "Incorrect Regular Expression"
},
"discovery_date": "2022-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140597"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "loader-utils: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37603"
},
{
"category": "external",
"summary": "RHBZ#2140597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-09T11:35:44+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.1 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.1 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.1, refer to the 8.4.1 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "loader-utils: Regular expression denial of service"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-09T11:35:44+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.1 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.1 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.1, refer to the 8.4.1 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-09T11:35:44+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.1 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.1 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.1, refer to the 8.4.1 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-09T11:35:44+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.1 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.1 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.1, refer to the 8.4.1 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid 8.4.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-09T11:35:44+00:00",
"details": "To install this update, do the following:\n \n1. Download the Data Grid 8.4.1 Server patch from the customer portal[\u00b2].\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 8.4.1 Server patch.\n4. Restart Data Grid to ensure the changes take effect.\n\nFor more information about Data Grid 8.4.1, refer to the 8.4.1 Release Notes[\u00b3]",
"product_ids": [
"Red Hat Data Grid 8.4.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Red Hat Data Grid 8.4.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid 8.4.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
}
]
}
RHSA-2023_0758
Vulnerability from csaf_redhat - Published: 2023-02-14 12:11 - Updated: 2024-12-17 23:01Summary
Red Hat Security Advisory: Red Hat build of Quarkus 2.13.7 release and security update
Severity
Moderate
Notes
Topic: An update is now available for Red Hat build of Quarkus.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability. For more
information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 2.13.7 includes security updates, bug
fixes, and enhancements. For more information, see the release notes page listed in the References section.
Security Fix(es):
* CVE-2022-1471 snakeyaml: Constructor Deserialization Remote Code Execution [quarkus-2.13]
* CVE-2022-41881 codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS [quarkus-2.13]
* CVE-2022-45047 sshd-common: mina-sshd: Java unsafe deserialization vulnerability [quarkus-2.13]
* CVE-2023-0044 quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure [quarkus-2.13]
* CVE-2022-41946 jdbc-postgresql: postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k [quarkus-2.13]
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatemet.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected behavior.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in Quarkus. If the Quarkus Form Authentication session cookie Path attribute is set to `/`, then a cross-site attack may be initiated, which might lead to information disclosure.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:2.13
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
References
34 references
Acknowledgments
Red Hat
Paulo Lopes
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability. For more\ninformation, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 2.13.7 includes security updates, bug\nfixes, and enhancements. For more information, see the release notes page listed in the References section.\n\nSecurity Fix(es):\n\n* CVE-2022-1471 snakeyaml: Constructor Deserialization Remote Code Execution [quarkus-2.13]\n\n* CVE-2022-41881 codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS [quarkus-2.13]\n\n* CVE-2022-45047 sshd-common: mina-sshd: Java unsafe deserialization vulnerability [quarkus-2.13]\n\n* CVE-2023-0044 quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure [quarkus-2.13]\n\n* CVE-2022-41946 jdbc-postgresql: postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k [quarkus-2.13]\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0758",
"url": "https://access.redhat.com/errata/RHSA-2023:0758"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=2.13.7",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=2.13.7"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.13/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_quarkus/2.13/"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/4966181",
"url": "https://access.redhat.com/articles/4966181"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2153399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153399"
},
{
"category": "external",
"summary": "2158081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158081"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0758.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 2.13.7 release and security update",
"tracking": {
"current_release_date": "2024-12-17T23:01:10+00:00",
"generator": {
"date": "2024-12-17T23:01:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:0758",
"initial_release_date": "2023-02-14T12:11:49+00:00",
"revision_history": [
{
"date": "2023-02-14T12:11:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-14T12:11:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:01:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus",
"product": {
"name": "Red Hat build of Quarkus",
"product_id": "Red Hat build of Quarkus",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:2.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-14T12:11:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0758"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-14T12:11:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0758"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-41946",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153399"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatemet.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships a PostgreSQL JDBC Driver for Hibernate ORM framework, which is embeds into Candlepin. Although Candlepin itself doesn\u0027t make direct use of the PreparedStatement methods from the PostgreSQL JDBC Driver, Hibernate ORM does utilize these methods, potentially making framework affected. Satellite server operating in an environment with untrusted users while the driver is running are vulnerable to the flaw, however, deployments without untrusted users are considered safe. A future Satellite update should address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41946"
},
{
"category": "external",
"summary": "RHBZ#2153399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41946"
}
],
"release_date": "2022-11-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-14T12:11:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0758"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-14T12:11:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0758"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Red Hat build of Quarkus"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Paulo Lopes"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2023-0044",
"discovery_date": "2023-01-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. If the Quarkus Form Authentication session cookie Path attribute is set to `/`, then a cross-site attack may be initiated, which might lead to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0044"
},
{
"category": "external",
"summary": "RHBZ#2158081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0044",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0044"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-c57v-hc7m-8px2",
"url": "https://github.com/advisories/GHSA-c57v-hc7m-8px2"
}
],
"release_date": "2023-01-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-14T12:11:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0758"
},
{
"category": "workaround",
"details": "This attack can be prevented with the Quarkus CSRF Prevention feature.",
"product_ids": [
"Red Hat build of Quarkus"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "quarkus-vertx-http: a cross-site attack may be initiated which might lead to the Information Disclosure"
}
]
}
RHSA-2023_0888
Vulnerability from csaf_redhat - Published: 2023-02-21 15:41 - Updated: 2024-11-22 21:18Summary
Red Hat Security Advisory: Red Hat Integration Camel Extension For Quarkus 2.13.2-1 security update
Severity
Moderate
Notes
Topic: Red Hat Integration Camel Extensions for Quarkus 2.13.2-1 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed.
Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: A security update for 2.13.2-1 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k (CVE-2022-41946)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CEQ 2.13.2-1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatemet.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected behavior.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CEQ 2.13.2-1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_quarkus:2.13
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Integration Camel Extensions for Quarkus 2.13.2-1 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed.\n\nRed Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A security update for 2.13.2-1 is now available. The purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* postgresql-jdbc: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k (CVE-2022-41946)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0888",
"url": "https://access.redhat.com/errata/RHSA-2023:0888"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1",
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2023.q1"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2153399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153399"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0888.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel Extension For Quarkus 2.13.2-1 security update",
"tracking": {
"current_release_date": "2024-11-22T21:18:57+00:00",
"generator": {
"date": "2024-11-22T21:18:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2023:0888",
"initial_release_date": "2023-02-21T15:41:52+00:00",
"revision_history": [
{
"date": "2023-02-21T15:41:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-02-21T15:41:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T21:18:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CEQ 2.13.2-1",
"product": {
"name": "CEQ 2.13.2-1",
"product_id": "CEQ 2.13.2-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_quarkus:2.13"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CEQ 2.13.2-1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-21T15:41:52+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"CEQ 2.13.2-1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0888"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CEQ 2.13.2-1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-41946",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153399"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setText(int, InputStream) and PreparedStatemet.setBytea(int, InputStream). This could allow a user to create an unexpected file available to all users, which could end in unexpected behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite ships a PostgreSQL JDBC Driver for Hibernate ORM framework, which is embeds into Candlepin. Although Candlepin itself doesn\u0027t make direct use of the PreparedStatement methods from the PostgreSQL JDBC Driver, Hibernate ORM does utilize these methods, potentially making framework affected. Satellite server operating in an environment with untrusted users while the driver is running are vulnerable to the flaw, however, deployments without untrusted users are considered safe. A future Satellite update should address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CEQ 2.13.2-1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41946"
},
{
"category": "external",
"summary": "RHBZ#2153399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41946",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41946"
}
],
"release_date": "2022-11-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-02-21T15:41:52+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"CEQ 2.13.2-1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0888"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CEQ 2.13.2-1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions"
}
]
}
RHSA-2023_1512
Vulnerability from csaf_redhat - Published: 2023-03-29 11:44 - Updated: 2024-12-17 23:02Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
6.2 (Medium)
Affected products
Fixed
2 products
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Known not affected
124 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Affected products
Fixed
128 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
Known not affected
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.
5.5 (Medium)
Affected products
Fixed
128 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
5.3 (Medium)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
Known not affected
108 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Low
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src | — |
Vendor Fix
fix
|
Known not affected
124 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — | ||
| Unresolved product id: 7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch | — |
Threats
Impact
Important
References
78 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)\n\n* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1512",
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "JBEAP-23572",
"url": "https://issues.redhat.com/browse/JBEAP-23572"
},
{
"category": "external",
"summary": "JBEAP-24120",
"url": "https://issues.redhat.com/browse/JBEAP-24120"
},
{
"category": "external",
"summary": "JBEAP-24172",
"url": "https://issues.redhat.com/browse/JBEAP-24172"
},
{
"category": "external",
"summary": "JBEAP-24182",
"url": "https://issues.redhat.com/browse/JBEAP-24182"
},
{
"category": "external",
"summary": "JBEAP-24220",
"url": "https://issues.redhat.com/browse/JBEAP-24220"
},
{
"category": "external",
"summary": "JBEAP-24254",
"url": "https://issues.redhat.com/browse/JBEAP-24254"
},
{
"category": "external",
"summary": "JBEAP-24292",
"url": "https://issues.redhat.com/browse/JBEAP-24292"
},
{
"category": "external",
"summary": "JBEAP-24339",
"url": "https://issues.redhat.com/browse/JBEAP-24339"
},
{
"category": "external",
"summary": "JBEAP-24341",
"url": "https://issues.redhat.com/browse/JBEAP-24341"
},
{
"category": "external",
"summary": "JBEAP-24363",
"url": "https://issues.redhat.com/browse/JBEAP-24363"
},
{
"category": "external",
"summary": "JBEAP-24372",
"url": "https://issues.redhat.com/browse/JBEAP-24372"
},
{
"category": "external",
"summary": "JBEAP-24380",
"url": "https://issues.redhat.com/browse/JBEAP-24380"
},
{
"category": "external",
"summary": "JBEAP-24383",
"url": "https://issues.redhat.com/browse/JBEAP-24383"
},
{
"category": "external",
"summary": "JBEAP-24384",
"url": "https://issues.redhat.com/browse/JBEAP-24384"
},
{
"category": "external",
"summary": "JBEAP-24385",
"url": "https://issues.redhat.com/browse/JBEAP-24385"
},
{
"category": "external",
"summary": "JBEAP-24395",
"url": "https://issues.redhat.com/browse/JBEAP-24395"
},
{
"category": "external",
"summary": "JBEAP-24507",
"url": "https://issues.redhat.com/browse/JBEAP-24507"
},
{
"category": "external",
"summary": "JBEAP-24535",
"url": "https://issues.redhat.com/browse/JBEAP-24535"
},
{
"category": "external",
"summary": "JBEAP-24574",
"url": "https://issues.redhat.com/browse/JBEAP-24574"
},
{
"category": "external",
"summary": "JBEAP-24588",
"url": "https://issues.redhat.com/browse/JBEAP-24588"
},
{
"category": "external",
"summary": "JBEAP-24605",
"url": "https://issues.redhat.com/browse/JBEAP-24605"
},
{
"category": "external",
"summary": "JBEAP-24618",
"url": "https://issues.redhat.com/browse/JBEAP-24618"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1512.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 7 security update",
"tracking": {
"current_release_date": "2024-12-17T23:02:49+00:00",
"generator": {
"date": "2024-12-17T23:02:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1512",
"initial_release_date": "2023-03-29T11:44:44+00:00",
"revision_history": [
{
"date": "2023-03-29T11:44:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-29T11:44:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:02:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.86-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.5-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.17-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.8-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.50-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.16-1.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.7-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-mime4j@0.8.9-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@2.0.1-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-spi@3.4.0-2.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-26.Final_redhat_00025.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-3.redhat_00004.1.el7eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-4.redhat_00004.1.el7eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.10-6.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.86-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-appclient@13.4.0-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-common@13.4.0-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ear@13.4.0-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ejb@13.4.0-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-web@13.4.0-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.8-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-22.SP12_redhat_00012.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.50-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.16-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.16-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.16-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.16-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-mime4j@0.8.9-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@2.0.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-spi@3.4.0-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-26.Final_redhat_00025.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-26.Final_redhat_00025.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-26.Final_redhat_00025.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-3.redhat_00004.1.el7eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.10-6.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.10-6.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.10-6.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.10-6.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.10-6.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.86-1.Final_redhat_00001.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.86-1.Final_redhat_00001.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-4.redhat_00004.1.el7eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-4.redhat_00004.1.el7eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product_id": "eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-debuginfo@1.0.2-4.redhat_00004.1.el7eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-45787",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-01-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache James\u0027s Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45787"
},
{
"category": "external",
"summary": "RHBZ#2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45787"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787"
}
],
"release_date": "2023-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider"
},
{
"cve": "CVE-2023-0482",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166004"
}
],
"notes": [
{
"category": "description",
"text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: creation of insecure temp files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0482"
},
{
"category": "external",
"summary": "RHBZ#2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "RESTEasy: creation of insecure temp files"
},
{
"cve": "CVE-2023-1108",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2174246"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Infinite loop in SslConduit during close",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1108"
},
{
"category": "external",
"summary": "RHBZ#2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-m4mm-pg93-fv78",
"url": "https://github.com/advisories/GHSA-m4mm-pg93-fv78"
}
],
"release_date": "2023-03-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:44+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-debuginfo-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Undertow: Infinite loop in SslConduit during close"
}
]
}
RHSA-2023_1513
Vulnerability from csaf_redhat - Published: 2023-03-29 11:44 - Updated: 2024-12-17 23:01Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 8 security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
6.2 (Medium)
Affected products
Fixed
2 products
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Known not affected
124 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Affected products
Fixed
128 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
Known not affected
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.
5.5 (Medium)
Affected products
Fixed
128 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
5.3 (Medium)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
Known not affected
108 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Low
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src | — |
Vendor Fix
fix
|
Known not affected
124 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — | ||
| Unresolved product id: 8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch | — |
Threats
Impact
Important
References
78 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)\n\n* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1513",
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "JBEAP-23572",
"url": "https://issues.redhat.com/browse/JBEAP-23572"
},
{
"category": "external",
"summary": "JBEAP-24121",
"url": "https://issues.redhat.com/browse/JBEAP-24121"
},
{
"category": "external",
"summary": "JBEAP-24172",
"url": "https://issues.redhat.com/browse/JBEAP-24172"
},
{
"category": "external",
"summary": "JBEAP-24182",
"url": "https://issues.redhat.com/browse/JBEAP-24182"
},
{
"category": "external",
"summary": "JBEAP-24220",
"url": "https://issues.redhat.com/browse/JBEAP-24220"
},
{
"category": "external",
"summary": "JBEAP-24254",
"url": "https://issues.redhat.com/browse/JBEAP-24254"
},
{
"category": "external",
"summary": "JBEAP-24292",
"url": "https://issues.redhat.com/browse/JBEAP-24292"
},
{
"category": "external",
"summary": "JBEAP-24339",
"url": "https://issues.redhat.com/browse/JBEAP-24339"
},
{
"category": "external",
"summary": "JBEAP-24341",
"url": "https://issues.redhat.com/browse/JBEAP-24341"
},
{
"category": "external",
"summary": "JBEAP-24363",
"url": "https://issues.redhat.com/browse/JBEAP-24363"
},
{
"category": "external",
"summary": "JBEAP-24372",
"url": "https://issues.redhat.com/browse/JBEAP-24372"
},
{
"category": "external",
"summary": "JBEAP-24380",
"url": "https://issues.redhat.com/browse/JBEAP-24380"
},
{
"category": "external",
"summary": "JBEAP-24383",
"url": "https://issues.redhat.com/browse/JBEAP-24383"
},
{
"category": "external",
"summary": "JBEAP-24384",
"url": "https://issues.redhat.com/browse/JBEAP-24384"
},
{
"category": "external",
"summary": "JBEAP-24385",
"url": "https://issues.redhat.com/browse/JBEAP-24385"
},
{
"category": "external",
"summary": "JBEAP-24395",
"url": "https://issues.redhat.com/browse/JBEAP-24395"
},
{
"category": "external",
"summary": "JBEAP-24507",
"url": "https://issues.redhat.com/browse/JBEAP-24507"
},
{
"category": "external",
"summary": "JBEAP-24535",
"url": "https://issues.redhat.com/browse/JBEAP-24535"
},
{
"category": "external",
"summary": "JBEAP-24574",
"url": "https://issues.redhat.com/browse/JBEAP-24574"
},
{
"category": "external",
"summary": "JBEAP-24588",
"url": "https://issues.redhat.com/browse/JBEAP-24588"
},
{
"category": "external",
"summary": "JBEAP-24605",
"url": "https://issues.redhat.com/browse/JBEAP-24605"
},
{
"category": "external",
"summary": "JBEAP-24618",
"url": "https://issues.redhat.com/browse/JBEAP-24618"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1513.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 8 security update",
"tracking": {
"current_release_date": "2024-12-17T23:01:56+00:00",
"generator": {
"date": "2024-12-17T23:01:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1513",
"initial_release_date": "2023-03-29T11:44:32+00:00",
"revision_history": [
{
"date": "2023-03-29T11:44:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-29T11:44:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:01:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.17-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.8-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.5-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.86-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.16-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.50-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.7-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-mime4j@0.8.9-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@2.0.1-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-spi@3.4.0-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-26.Final_redhat_00025.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-3.redhat_00004.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-4.redhat_00004.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.10-6.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.86-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-appclient@13.4.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-common@13.4.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ear@13.4.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ejb@13.4.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-web@13.4.0-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.8-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.16-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.16-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.16-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.16-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.50-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-22.SP12_redhat_00012.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.7-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-mime4j@0.8.9-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@2.0.1-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-spi@3.4.0-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-26.Final_redhat_00025.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-26.Final_redhat_00025.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-26.Final_redhat_00025.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-3.redhat_00004.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.10-6.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.10-6.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.10-6.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.10-6.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.10-6.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.10-6.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.86-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.86-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-4.redhat_00004.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-4.redhat_00004.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-45787",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-01-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache James\u0027s Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45787"
},
{
"category": "external",
"summary": "RHBZ#2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45787"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787"
}
],
"release_date": "2023-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider"
},
{
"cve": "CVE-2023-0482",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166004"
}
],
"notes": [
{
"category": "description",
"text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: creation of insecure temp files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0482"
},
{
"category": "external",
"summary": "RHBZ#2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "RESTEasy: creation of insecure temp files"
},
{
"cve": "CVE-2023-1108",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2174246"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Infinite loop in SslConduit during close",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1108"
},
{
"category": "external",
"summary": "RHBZ#2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-m4mm-pg93-fv78",
"url": "https://github.com/advisories/GHSA-m4mm-pg93-fv78"
}
],
"release_date": "2023-03-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:44:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1513"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-all-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Undertow: Infinite loop in SslConduit during close"
}
]
}
RHSA-2023_1514
Vulnerability from csaf_redhat - Published: 2023-03-29 11:43 - Updated: 2024-12-17 23:02Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
6.2 (Medium)
Affected products
Fixed
2 products
Known not affected
125 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
Known not affected
123 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
125 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Affected products
Fixed
127 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Affected products
Fixed
2 products
Known not affected
125 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
Known not affected
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Moderate
A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.
5.5 (Medium)
Affected products
Fixed
127 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
5.3 (Medium)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
Known not affected
107 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Low
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src | — |
Vendor Fix
fix
|
Known not affected
123 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — | ||
| Unresolved product id: 9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch | — |
Threats
Impact
Important
References
78 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)\n\n* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1514",
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "JBEAP-23572",
"url": "https://issues.redhat.com/browse/JBEAP-23572"
},
{
"category": "external",
"summary": "JBEAP-24122",
"url": "https://issues.redhat.com/browse/JBEAP-24122"
},
{
"category": "external",
"summary": "JBEAP-24172",
"url": "https://issues.redhat.com/browse/JBEAP-24172"
},
{
"category": "external",
"summary": "JBEAP-24182",
"url": "https://issues.redhat.com/browse/JBEAP-24182"
},
{
"category": "external",
"summary": "JBEAP-24220",
"url": "https://issues.redhat.com/browse/JBEAP-24220"
},
{
"category": "external",
"summary": "JBEAP-24254",
"url": "https://issues.redhat.com/browse/JBEAP-24254"
},
{
"category": "external",
"summary": "JBEAP-24292",
"url": "https://issues.redhat.com/browse/JBEAP-24292"
},
{
"category": "external",
"summary": "JBEAP-24339",
"url": "https://issues.redhat.com/browse/JBEAP-24339"
},
{
"category": "external",
"summary": "JBEAP-24341",
"url": "https://issues.redhat.com/browse/JBEAP-24341"
},
{
"category": "external",
"summary": "JBEAP-24363",
"url": "https://issues.redhat.com/browse/JBEAP-24363"
},
{
"category": "external",
"summary": "JBEAP-24372",
"url": "https://issues.redhat.com/browse/JBEAP-24372"
},
{
"category": "external",
"summary": "JBEAP-24380",
"url": "https://issues.redhat.com/browse/JBEAP-24380"
},
{
"category": "external",
"summary": "JBEAP-24383",
"url": "https://issues.redhat.com/browse/JBEAP-24383"
},
{
"category": "external",
"summary": "JBEAP-24384",
"url": "https://issues.redhat.com/browse/JBEAP-24384"
},
{
"category": "external",
"summary": "JBEAP-24385",
"url": "https://issues.redhat.com/browse/JBEAP-24385"
},
{
"category": "external",
"summary": "JBEAP-24395",
"url": "https://issues.redhat.com/browse/JBEAP-24395"
},
{
"category": "external",
"summary": "JBEAP-24507",
"url": "https://issues.redhat.com/browse/JBEAP-24507"
},
{
"category": "external",
"summary": "JBEAP-24535",
"url": "https://issues.redhat.com/browse/JBEAP-24535"
},
{
"category": "external",
"summary": "JBEAP-24574",
"url": "https://issues.redhat.com/browse/JBEAP-24574"
},
{
"category": "external",
"summary": "JBEAP-24588",
"url": "https://issues.redhat.com/browse/JBEAP-24588"
},
{
"category": "external",
"summary": "JBEAP-24605",
"url": "https://issues.redhat.com/browse/JBEAP-24605"
},
{
"category": "external",
"summary": "JBEAP-24618",
"url": "https://issues.redhat.com/browse/JBEAP-24618"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1514.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 on RHEL 9 security update",
"tracking": {
"current_release_date": "2024-12-17T23:02:06+00:00",
"generator": {
"date": "2024-12-17T23:02:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1514",
"initial_release_date": "2023-03-29T11:43:38+00:00",
"revision_history": [
{
"date": "2023-03-29T11:43:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-29T11:43:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:02:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.17-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.8-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.5-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.86-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.50-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.1.16-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.11-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.7-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-mime4j@0.8.9-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@2.0.1-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-spi@3.4.0-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-26.Final_redhat_00025.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-3.redhat_00004.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"product": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"product_id": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-4.redhat_00004.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.10-6.GA_redhat_00002.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-component-annotations@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@11.0.17-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-buffer@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-common@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.86-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.8-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata@13.4.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-appclient@13.4.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-common@13.4.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ear@13.4.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-ejb@13.4.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-metadata-web@13.4.0-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.5-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.50-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-22.SP12_redhat_00012.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.1.16-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.1.16-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.1.16-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.1.16-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.11-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-wildfly-integration@1.0.7-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.14-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-mime4j@0.8.9-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@2.0.1-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-spi@3.4.0-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-26.Final_redhat_00025.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-26.Final_redhat_00025.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-26.Final_redhat_00025.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-snakeyaml@1.33.0-2.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.23-1.SP2_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"product_id": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@1.0.2-3.redhat_00004.1.el9eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.10-6.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.10-6.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.10-6.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.10-6.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.10-6.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.10-6.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.86-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.86-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"product": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"product_id": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@1.0.2-4.redhat_00004.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@1.0.2-4.redhat_00004.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src"
},
"product_reference": "eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src"
},
"product_reference": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64"
},
"product_reference": "eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-45787",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-01-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache James\u0027s Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45787"
},
{
"category": "external",
"summary": "RHBZ#2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45787"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787"
}
],
"release_date": "2023-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider"
},
{
"cve": "CVE-2023-0482",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166004"
}
],
"notes": [
{
"category": "description",
"text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: creation of insecure temp files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0482"
},
{
"category": "external",
"summary": "RHBZ#2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "RESTEasy: creation of insecure temp files"
},
{
"cve": "CVE-2023-1108",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2174246"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Infinite loop in SslConduit during close",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1108"
},
{
"category": "external",
"summary": "RHBZ#2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-m4mm-pg93-fv78",
"url": "https://github.com/advisories/GHSA-m4mm-pg93-fv78"
}
],
"release_date": "2023-03-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:43:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1514"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-activemq-artemis-native-1:1.0.2-3.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-mime4j-0:0.8.9-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-artemis-native-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-native-wildfly-1:1.0.2-4.redhat_00004.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-artemis-wildfly-integration-0:1.0.7-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-0:11.0.17-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-jdbc-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-cachestore-remote-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-client-hotrod-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-component-annotations-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-core-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-commons-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-spi-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-infinispan-hibernate-cache-v53-0:11.0.17-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.11-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.11-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.50-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-el-api_3.0_spec-0:2.0.1-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-0:13.4.0-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-metadata-appclient-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-common-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ear-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-ejb-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-metadata-web-0:13.4.0-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-26.Final_redhat_00025.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-26.Final_redhat_00025.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.8-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-spi-0:3.4.0-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.86-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.86-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-common-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-config-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-federation-0:2.5.5-22.SP12_redhat_00012.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-picketlink-idm-api-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-idm-simple-schema-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-picketlink-impl-0:2.5.5-22.SP12_redhat_00012.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.5-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-snakeyaml-0:1.33.0-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.23-1.SP2_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.14-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.10-6.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-http-client-common-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-ejb-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-naming-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-http-transaction-client-0:1.1.16-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.10-6.GA_redhat_00002.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Undertow: Infinite loop in SslConduit during close"
}
]
}
RHSA-2023_1516
Vulnerability from csaf_redhat - Published: 2023-03-29 11:45 - Updated: 2024-12-17 23:02Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 security update
Severity
Important
Notes
Topic: A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).
6.2 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EAP 7.4.10 release
Red Hat / Red Hat JBoss Enterprise Application Platform
|
cpe:/a:redhat:jboss_enterprise_application_platform:7.4
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
References
78 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)\n\n* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)\n\n* Undertow: Infinite loop in SslConduit during close (CVE-2023-1108)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1516",
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "JBEAP-23572",
"url": "https://issues.redhat.com/browse/JBEAP-23572"
},
{
"category": "external",
"summary": "JBEAP-24172",
"url": "https://issues.redhat.com/browse/JBEAP-24172"
},
{
"category": "external",
"summary": "JBEAP-24182",
"url": "https://issues.redhat.com/browse/JBEAP-24182"
},
{
"category": "external",
"summary": "JBEAP-24220",
"url": "https://issues.redhat.com/browse/JBEAP-24220"
},
{
"category": "external",
"summary": "JBEAP-24254",
"url": "https://issues.redhat.com/browse/JBEAP-24254"
},
{
"category": "external",
"summary": "JBEAP-24292",
"url": "https://issues.redhat.com/browse/JBEAP-24292"
},
{
"category": "external",
"summary": "JBEAP-24339",
"url": "https://issues.redhat.com/browse/JBEAP-24339"
},
{
"category": "external",
"summary": "JBEAP-24341",
"url": "https://issues.redhat.com/browse/JBEAP-24341"
},
{
"category": "external",
"summary": "JBEAP-24363",
"url": "https://issues.redhat.com/browse/JBEAP-24363"
},
{
"category": "external",
"summary": "JBEAP-24372",
"url": "https://issues.redhat.com/browse/JBEAP-24372"
},
{
"category": "external",
"summary": "JBEAP-24380",
"url": "https://issues.redhat.com/browse/JBEAP-24380"
},
{
"category": "external",
"summary": "JBEAP-24383",
"url": "https://issues.redhat.com/browse/JBEAP-24383"
},
{
"category": "external",
"summary": "JBEAP-24384",
"url": "https://issues.redhat.com/browse/JBEAP-24384"
},
{
"category": "external",
"summary": "JBEAP-24385",
"url": "https://issues.redhat.com/browse/JBEAP-24385"
},
{
"category": "external",
"summary": "JBEAP-24395",
"url": "https://issues.redhat.com/browse/JBEAP-24395"
},
{
"category": "external",
"summary": "JBEAP-24507",
"url": "https://issues.redhat.com/browse/JBEAP-24507"
},
{
"category": "external",
"summary": "JBEAP-24535",
"url": "https://issues.redhat.com/browse/JBEAP-24535"
},
{
"category": "external",
"summary": "JBEAP-24574",
"url": "https://issues.redhat.com/browse/JBEAP-24574"
},
{
"category": "external",
"summary": "JBEAP-24588",
"url": "https://issues.redhat.com/browse/JBEAP-24588"
},
{
"category": "external",
"summary": "JBEAP-24605",
"url": "https://issues.redhat.com/browse/JBEAP-24605"
},
{
"category": "external",
"summary": "JBEAP-24618",
"url": "https://issues.redhat.com/browse/JBEAP-24618"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1516.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.10 security update",
"tracking": {
"current_release_date": "2024-12-17T23:02:16+00:00",
"generator": {
"date": "2024-12-17T23:02:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:1516",
"initial_release_date": "2023-03-29T11:45:38+00:00",
"revision_history": [
{
"date": "2023-03-29T11:45:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-29T11:45:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T23:02:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP 7.4.10 release",
"product": {
"name": "EAP 7.4.10 release",
"product_id": "EAP 7.4.10 release",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150009"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SnakeYaml: Constructor Deserialization Remote Code Execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the Red Hat Process Automation 7 (RHPAM) the untrusted, malicious YAML file for deserialization by the vulnerable Snakeyaml\u0027s SafeConstructor class must be provided intentionally by the RHPAM user which requires high privileges. The potential attack complexity is also high because it depends on conditions that are beyond the attacker\u0027s control. Due to that the impact for RHPAM is reduced to Low.\n\nRed Hat Fuse 7 does not expose by default any endpoint that passes incoming data/request into vulnerable Snakeyaml\u0027s Constructor class nor pass untrusted data to this class. When this class is used, it\u2019s still only used to parse internal configuration, hence the impact by this vulnerability to Red Hat Fuse 7 is reduced to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1471"
},
{
"category": "external",
"summary": "RHBZ#2150009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1471"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2",
"url": "https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2"
}
],
"release_date": "2022-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "SnakeYaml: Constructor Deserialization Remote Code Execution"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"EAP 7.4.10 release"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-45787",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-01-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache James\u0027s Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45787"
},
{
"category": "external",
"summary": "RHBZ#2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45787"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787"
}
],
"release_date": "2023-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider"
},
{
"cve": "CVE-2023-0482",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166004"
}
],
"notes": [
{
"category": "description",
"text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: creation of insecure temp files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0482"
},
{
"category": "external",
"summary": "RHBZ#2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "RESTEasy: creation of insecure temp files"
},
{
"cve": "CVE-2023-1108",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2023-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2174246"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Infinite loop in SslConduit during close",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP 7.4.10 release"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1108"
},
{
"category": "external",
"summary": "RHBZ#2174246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1108"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1108"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-m4mm-pg93-fv78",
"url": "https://github.com/advisories/GHSA-m4mm-pg93-fv78"
}
],
"release_date": "2023-03-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-29T11:45:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"EAP 7.4.10 release"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1516"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"EAP 7.4.10 release"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Undertow: Infinite loop in SslConduit during close"
}
]
}
RHSA-2023_2100
Vulnerability from csaf_redhat - Published: 2023-05-03 14:05 - Updated: 2024-12-17 22:55Summary
Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update
Severity
Important
Notes
Topic: Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.
The purpose of this text-only errata is to inform you about the security issues fixed.
Security Fix(es):
* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)
* JXPath: untrusted XPath expressions may lead to RCE attack (CVE-2022-41852)
* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)
* xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow (CVE-2022-41966)
* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
* apache-commons-net: FTP client trusts the host from PASV response by default (CVE-2021-37533)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* apache-spark: XSS vulnerability in log viewer UI Javascript (CVE-2022-31777)
* Apache Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (CVE-2022-33681)
* apache-ivy: Directory Traversal (CVE-2022-37865)
* : Apache Ivy: Ivy Path traversal (CVE-2022-37866)
* batik: Server-Side Request Forgery (CVE-2022-38398)
* batik: Server-Side Request Forgery (CVE-2022-38648)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)
* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)
* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* scandium: Failing DTLS handshakes may cause throttling to block processing of records (CVE-2022-39368)
* batik: Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-40146)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)
* batik: Apache XML Graphics Batik vulnerable to code execution via SVG (CVE-2022-41704)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* batik: Untrusted code execution in Apache XML Graphics Batik (CVE-2022-42890)
* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)
* shiro: Authentication bypass through a specially crafted HTTP request (CVE-2023-22602)
* Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20863)
* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about services running on the private network of the client.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A stored cross-site scripting (XSS) flaw was found in Apache Spark. This issue allows an attacker to execute arbitrary JavaScript in the web browser of a user, including a malicious payload into the logs which are returned in logs rendered in the UI.
5.4 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Apache Pulsar Java Client. This flaw allows an attacker to use a Man-in-the-Middle (MITM) attack, manipulating network traffic and gaining the client's authentication data.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access.
9.1 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Ivy. This may allow an attacker to place artifacts inside and outside of Ivy's repository and overwrite artifacts that the user will use later.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
5.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Eclipse Californium Scandium package. This issue occurs when failing handshakes don't clean up counters for throttling, causing the threshold to be reached without being released again, resulting in a denial of service. An attacker could submit a high quantity of server requests, leaving the server unable to respond.
8.2 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Batik. This issue may allow a malicious user to run untrusted Java code from an SVG.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Apache Commons JXPath package. This flaw allows an attacker to use the interpreter to execute untrusted expressions and a remote code attack.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.
9.8 (Critical)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
Workaround
|
Threats
Impact
Low
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘[‘ or ‘{‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Spring Framework. Certain versions of Spring Framework's Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Shiro. This issue may allow a malicious user to send a specially crafted HTTP request that could cause an authentication bypass.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RHINT Camel-Springboot 3.20.1
Red Hat / Red Hat Integration
|
cpe:/a:redhat:camel_spring_boot:3.20.1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
204 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Integration Camel for Spring Boot 3.20.1 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Camel for Spring Boot 3.20.1 serves as a replacement for Camel for Spring Boot 3.18.3 and includes bug fixes and enhancements, which are documented in the Release Notes document linked in the References.\n\nThe purpose of this text-only errata is to inform you about the security issues fixed.\n\nSecurity Fix(es):\n\n* snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)\n\n* JXPath: untrusted XPath expressions may lead to RCE attack (CVE-2022-41852)\n\n* hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853)\n\n* xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow (CVE-2022-41966)\n\n* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)\n\n* apache-commons-net: FTP client trusts the host from PASV response by default (CVE-2021-37533)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* apache-spark: XSS vulnerability in log viewer UI Javascript (CVE-2022-31777)\n\n* Apache Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM (CVE-2022-33681)\n\n* apache-ivy: Directory Traversal (CVE-2022-37865)\n\n* : Apache Ivy: Ivy Path traversal (CVE-2022-37866)\n\n* batik: Server-Side Request Forgery (CVE-2022-38398)\n\n* batik: Server-Side Request Forgery (CVE-2022-38648)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode (CVE-2022-38749)\n\n* snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject (CVE-2022-38750)\n\n* snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match (CVE-2022-38751)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* scandium: Failing DTLS handshakes may cause throttling to block processing of records (CVE-2022-39368)\n\n* batik: Server-Side Request Forgery (SSRF) vulnerability (CVE-2022-40146)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40156)\n\n* batik: Apache XML Graphics Batik vulnerable to code execution via SVG (CVE-2022-41704)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* batik: Untrusted code execution in Apache XML Graphics Batik (CVE-2022-42890)\n\n* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)\n\n* shiro: Authentication bypass through a specially crafted HTTP request (CVE-2023-22602)\n\n* Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* springframework: Spring Expression DoS Vulnerability (CVE-2023-20863)\n\n* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2100",
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=red.hat.integration\u0026version=2023-Q2"
},
{
"category": "external",
"summary": "2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2136128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136128"
},
{
"category": "external",
"summary": "2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "2136207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136207"
},
{
"category": "external",
"summary": "2145205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145205"
},
{
"category": "external",
"summary": "2145264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145264"
},
{
"category": "external",
"summary": "2150011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150011"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2155291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155291"
},
{
"category": "external",
"summary": "2155292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155292"
},
{
"category": "external",
"summary": "2155295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155295"
},
{
"category": "external",
"summary": "2169924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169924"
},
{
"category": "external",
"summary": "2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "2182182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182182"
},
{
"category": "external",
"summary": "2182183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182183"
},
{
"category": "external",
"summary": "2182188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182188"
},
{
"category": "external",
"summary": "2182198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182198"
},
{
"category": "external",
"summary": "2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "2187742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187742"
},
{
"category": "external",
"summary": "2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2100.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.20.1 security update",
"tracking": {
"current_release_date": "2024-12-17T22:55:43+00:00",
"generator": {
"date": "2024-12-17T22:55:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:2100",
"initial_release_date": "2023-05-03T14:05:29+00:00",
"revision_history": [
{
"date": "2023-05-03T14:05:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-03T14:05:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:55:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHINT Camel-Springboot 3.20.1",
"product": {
"name": "RHINT Camel-Springboot 3.20.1",
"product_id": "RHINT Camel-Springboot 3.20.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:camel_spring_boot:3.20.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Integration"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37533",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2169924"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons Net\u0027s FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about services running on the private network of the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-net: FTP client trusts the host from PASV response by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-37533"
},
{
"category": "external",
"summary": "RHBZ#2169924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2169924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37533"
}
],
"release_date": "2023-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-net: FTP client trusts the host from PASV response by default"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-25857",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2126789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to missing nested depth limitation for collections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Denial of Service due to missing nested depth limitation for collections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For RHEL-8 it\u0027s downgraded to moderate because \"snakeyaml\" itself in RHEL 8 or RHEL-9 isn\u0027t shipped and \"prometheus-jmx-exporter\" is needed as build dependency. And it\u0027s not directly exploitable, hence severity marked as moderate.\nRed Hat Integration and AMQ products are not vulnerable to this flaw, so their severity has been lowered to moderate.\nRed Hat Single Sign-On uses snakeyaml from liquibase-core and is only used when performing migrations and would require administrator privileges to execute, hence severity marked as Low.\nRed Hat Fuse 7 is now in Maintenance Support Phase and details about its fix should be present soon. However, Red Hat Fuse Online (Syndesis) does will not contain the fix for this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25857"
},
{
"category": "external",
"summary": "RHBZ#2126789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25857"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/525"
}
],
"release_date": "2022-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Denial of Service due to missing nested depth limitation for collections"
},
{
"cve": "CVE-2022-31777",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145264"
}
],
"notes": [
{
"category": "description",
"text": "A stored cross-site scripting (XSS) flaw was found in Apache Spark. This issue allows an attacker to execute arbitrary JavaScript in the web browser of a user, including a malicious payload into the logs which are returned in logs rendered in the UI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-spark: XSS vulnerability in log viewer UI Javascript",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-31777"
},
{
"category": "external",
"summary": "RHBZ#2145264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-31777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31777"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-31777",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31777"
}
],
"release_date": "2022-11-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-spark: XSS vulnerability in log viewer UI Javascript"
},
{
"cve": "CVE-2022-33681",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Pulsar Java Client. This flaw allows an attacker to use a Man-in-the-Middle (MITM) attack, manipulating network traffic and gaining the client\u0027s authentication data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-33681"
},
{
"category": "external",
"summary": "RHBZ#2136207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-33681",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-33681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33681"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Pulsar: Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM"
},
{
"cve": "CVE-2022-37865",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182188"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Ivy. With Apache Ivy 2.4.0, an optional packaging attribute was introduced that allows artifacts to be unpacked on the fly if pack200 or zip packaging was used. This issue could allow a malicious used to have unwanted access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-ivy: Directory Traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although the CVSS states High according to NIST, due to the nature of this flaw, considering it\u0027s an optional attribute and there must be restrictions in other layers to prevent attacks, this flaw is taken as a Moderate following the Medium impact from Apache.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37865"
},
{
"category": "external",
"summary": "RHBZ#2182188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182188"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37865"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/gqvvv7qsm2dfjg6xzsw1s2h08tbr0sdy",
"url": "https://lists.apache.org/thread/gqvvv7qsm2dfjg6xzsw1s2h08tbr0sdy"
}
],
"release_date": "2022-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-ivy: Directory Traversal"
},
{
"cve": "CVE-2022-37866",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-12-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2150011"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Ivy. This may allow an attacker to place artifacts inside and outside of Ivy\u0027s repository and overwrite artifacts that the user will use later.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Ivy: Ivy Path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-37866"
},
{
"category": "external",
"summary": "RHBZ#2150011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150011"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-37866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37866"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37866",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37866"
}
],
"release_date": "2022-11-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Ivy: Ivy Path traversal"
},
{
"cve": "CVE-2022-38398",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155292"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a url thru the jar protocol. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38398"
},
{
"category": "external",
"summary": "RHBZ#2155292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38398",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38398"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38398",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38398"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903462",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903462"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1331",
"url": "https://issues.apache.org/jira/browse/BATIK-1331"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/712c9xwtmyghyokzrm2ml6sps4xlmbsx",
"url": "https://lists.apache.org/thread/712c9xwtmyghyokzrm2ml6sps4xlmbsx"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery"
},
{
"cve": "CVE-2022-38648",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155295"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38648"
},
{
"category": "external",
"summary": "RHBZ#2155295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38648"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903625",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903625"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1333",
"url": "https://issues.apache.org/jira/browse/BATIK-1333"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/gfsktxvj7jtwyovmhhbrw0bs13wfjd7b",
"url": "https://lists.apache.org/thread/gfsktxvj7jtwyovmhhbrw0bs13wfjd7b"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery"
},
{
"cve": "CVE-2022-38749",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129706"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38749"
},
{
"category": "external",
"summary": "RHBZ#2129706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38749"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode"
},
{
"cve": "CVE-2022-38750",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38750"
},
{
"category": "external",
"summary": "RHBZ#2129707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38750"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject"
},
{
"cve": "CVE-2022-38751",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129709"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.\n\nSatellite component Candlepin does not directly use snakeyaml, so it is not affected. Regardless, an update with the latest, unaffected snakeyaml version will be provided at next release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38751"
},
{
"category": "external",
"summary": "RHBZ#2129709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129709"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38751"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-39368",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145205"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Californium Scandium package. This issue occurs when failing handshakes don\u0027t clean up counters for throttling, causing the threshold to be reached without being released again, resulting in a denial of service. An attacker could submit a high quantity of server requests, leaving the server unable to respond.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "scandium: Failing DTLS handshakes may cause throttling to block processing of records",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-39368"
},
{
"category": "external",
"summary": "RHBZ#2145205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-39368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39368"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-39368",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-39368"
},
{
"category": "external",
"summary": "https://github.com/eclipse-californium/californium/security/advisories/GHSA-p72g-cgh9-ghjgc",
"url": "https://github.com/eclipse-californium/californium/security/advisories/GHSA-p72g-cgh9-ghjgc"
}
],
"release_date": "2022-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "scandium: Failing DTLS handshakes may cause throttling to block processing of records"
},
{
"cve": "CVE-2022-40146",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155291"
}
],
"notes": [
{
"category": "description",
"text": "Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Server-Side Request Forgery (SSRF) vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40146"
},
{
"category": "external",
"summary": "RHBZ#2155291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40146",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40146"
},
{
"category": "external",
"summary": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903910",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1903910"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/BATIK-1335",
"url": "https://issues.apache.org/jira/browse/BATIK-1335"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/hxtddqjty2sbs12y97c8g7xfh17jzxsx",
"url": "https://lists.apache.org/thread/hxtddqjty2sbs12y97c8g7xfh17jzxsx"
}
],
"release_date": "2022-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Server-Side Request Forgery (SSRF) vulnerability"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40151",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134292"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40151"
},
{
"category": "external",
"summary": "RHBZ#2134292",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134292"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40151"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-40156",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134288"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40156"
},
{
"category": "external",
"summary": "RHBZ#2134288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40156"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-41704",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Batik.\u00a0This issue may allow a malicious user to run untrusted Java code from an SVG.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Apache XML Graphics Batik vulnerable to code execution via SVG",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41704"
},
{
"category": "external",
"summary": "RHBZ#2182182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41704"
}
],
"release_date": "2022-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Apache XML Graphics Batik vulnerable to code execution via SVG"
},
{
"cve": "CVE-2022-41852",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136128"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Commons JXPath package. This flaw allows an attacker to use the interpreter to execute untrusted expressions and a remote code attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JXPath: untrusted XPath expressions may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41852"
},
{
"category": "external",
"summary": "RHBZ#2136128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136128"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41852"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JXPath: untrusted XPath expressions may lead to RCE attack"
},
{
"cve": "CVE-2022-41853",
"cwe": {
"id": "CWE-470",
"name": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)"
},
"discovery_date": "2022-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2136141"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hsqldb: Untrusted input may lead to RCE attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41853"
},
{
"category": "external",
"summary": "RHBZ#2136141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136141"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41853"
},
{
"category": "external",
"summary": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control",
"url": "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-77xx-rxvh-q682",
"url": "https://github.com/advisories/GHSA-77xx-rxvh-q682"
}
],
"release_date": "2022-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
},
{
"category": "workaround",
"details": "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "hsqldb: Untrusted input may lead to RCE attack"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-41966",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-02-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2170431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the xstream package. This flaw allows an attacker to cause a denial of service by injecting recursive collections or maps, raising a stack overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 ships an affected version of XStream. No endpoint in any flavor of Fuse is accepting by default an unverified input stream passed directly to XStream unmarshaller. Documentation always recommend all the endpoints (TCP/UDP/HTTP(S)/other listeners) to have at least one layer of authentication/authorization and Fuse in general itself in particular has a lot of mechanisms to protect the endpoints.\n\nRed Hat Single Sign-On contains XStream as a transitive dependency from Infinispan and the same is not affected as NO_REFERENCE is in use.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41966"
},
{
"category": "external",
"summary": "RHBZ#2170431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41966"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-j563-grx4-pjpv"
}
],
"release_date": "2022-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: Denial of Service by injecting recursive collections or maps based on element\u0027s hash values raising a stack overflow"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-42890",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182183"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Batik of Apache XML Graphics. This issue may allow a malicious user to run Java code from untrusted SVG via JavaScript.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: Untrusted code execution in Apache XML Graphics Batik",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42890"
},
{
"category": "external",
"summary": "RHBZ#2182183",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182183"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890"
}
],
"release_date": "2022-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: Untrusted code execution in Apache XML Graphics Batik"
},
{
"cve": "CVE-2023-1370",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2188542"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the json-smart package. This security flaw occurs when reaching a \u2018[\u2018 or \u2018{\u2018 character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed recursively, nesting too many of them can cause stack exhaustion (stack overflow) and crash the software.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1370"
},
{
"category": "external",
"summary": "RHBZ#2188542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188542"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1370"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-493p-pfq6-5258",
"url": "https://github.com/advisories/GHSA-493p-pfq6-5258"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/",
"url": "https://research.jfrog.com/vulnerabilities/stack-exhaustion-in-json-smart-leads-to-denial-of-service-when-parsing-malformed-json-xray-427633/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)"
},
{
"cve": "CVE-2023-1436",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2023-03-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182788"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison. Infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This issue leads to a StackOverflowError exception being thrown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: Uncontrolled Recursion in JSONArray",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1436"
},
{
"category": "external",
"summary": "RHBZ#2182788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436"
},
{
"category": "external",
"summary": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/",
"url": "https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/"
}
],
"release_date": "2023-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: Uncontrolled Recursion in JSONArray"
},
{
"cve": "CVE-2023-20860",
"cwe": {
"id": "CWE-155",
"name": "Improper Neutralization of Wildcards or Matching Symbols"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20860"
},
{
"category": "external",
"summary": "RHBZ#2180528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20860"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern"
},
{
"cve": "CVE-2023-20861",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2180530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20861"
},
{
"category": "external",
"summary": "RHBZ#2180530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20861"
},
{
"category": "external",
"summary": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861",
"url": "https://spring.io/blog/2023/03/20/spring-framework-6-0-7-and-5-3-26-fix-cve-2023-20860-and-cve-2023-20861"
}
],
"release_date": "2023-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-20863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-04-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2187742"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Framework. Certain versions of Spring Framework\u0027s Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "springframework: Spring Expression DoS Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-20863"
},
{
"category": "external",
"summary": "RHBZ#2187742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187742"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-20863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20863"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2023-20863",
"url": "https://spring.io/security/cve-2023-20863"
}
],
"release_date": "2023-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "springframework: Spring Expression DoS Vulnerability"
},
{
"cve": "CVE-2023-22602",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182198"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Shiro. This issue may allow a malicious user to send a specially crafted HTTP request that could cause an authentication bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shiro: Authentication bypass through a specially crafted HTTP request",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22602"
},
{
"category": "external",
"summary": "RHBZ#2182198",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182198"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22602"
}
],
"release_date": "2023-01-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "shiro: Authentication bypass through a specially crafted HTTP request"
},
{
"cve": "CVE-2023-24998",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2172298"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service.\r\n\r\nWhile Red Hat Satellite relies upon Apache Tomcat, it does not directly ship it. Tomcat is shipped with Red Hat Enterprise Linux and consumed by the Candlepin component of Satellite. Red Hat Satellite users are therefore advised to check the impact state of Red Hat Enterprise Linux, since any necessary fixes will be distributed through the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "FileUpload: FileUpload DoS with excessive parts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHINT Camel-Springboot 3.20.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-24998"
},
{
"category": "external",
"summary": "RHBZ#2172298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5",
"url": "https://commons.apache.org/proper/commons-fileupload/security-reports.html#Fixed_in_Apache_Commons_FileUpload_1.5"
}
],
"release_date": "2023-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-03T14:05:29+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"RHINT Camel-Springboot 3.20.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"RHINT Camel-Springboot 3.20.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "FileUpload: FileUpload DoS with excessive parts"
}
]
}
RHSA-2023_2705
Vulnerability from csaf_redhat - Published: 2023-05-10 11:25 - Updated: 2024-12-17 21:16Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 7
Severity
Moderate
Notes
Topic: New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.6.3 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* okhttp: information disclosure via improperly used cryptographic function (CVE-2021-0341)
* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)
* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)
* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)
* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)
* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)
* RESTEasy: creation of insecure temp files (CVE-2023-0482)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
6.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.
5.5 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
5.3 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat Single Sign-On 7.6.3 packages are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.6.3 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.6.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* okhttp: information disclosure via improperly used cryptographic function (CVE-2021-0341)\n\n* undertow: Server identity in https connection is not checked by the undertow client (CVE-2022-4492)\n\n* snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode (CVE-2022-38752)\n\n* dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854)\n\n* codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS (CVE-2022-41881)\n\n* apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider (CVE-2022-45787)\n\n* RESTEasy: creation of insecure temp files (CVE-2023-0482)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:2705",
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "2154086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154086"
},
{
"category": "external",
"summary": "2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_2705.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 7",
"tracking": {
"current_release_date": "2024-12-17T21:16:36+00:00",
"generator": {
"date": "2024-12-17T21:16:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:2705",
"initial_release_date": "2023-05-10T11:25:19+00:00",
"revision_history": [
{
"date": "2023-05-10T11:25:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-05-10T11:25:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T21:16:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product": {
"name": "Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"product": {
"name": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"product_id": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1.el7sso?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak@18.0.7-1.redhat_00001.1.el7sso?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"product": {
"name": "rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"product_id": "rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-sso7-keycloak-server@18.0.7-1.redhat_00001.1.el7sso?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src"
},
"product_reference": "rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"relates_to_product_reference": "7Server-RHSSO-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch as a component of Red Hat Single Sign-On 7.6 for RHEL 7 Server",
"product_id": "7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
},
"product_reference": "rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"relates_to_product_reference": "7Server-RHSSO-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-0341",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2154086"
}
],
"notes": [
{
"category": "description",
"text": "In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "okhttp: information disclosure via improperly used cryptographic function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-0341"
},
{
"category": "external",
"summary": "RHBZ#2154086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154086"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-0341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0341"
},
{
"category": "external",
"summary": "https://source.android.com/security/bulletin/2021-02-01",
"url": "https://source.android.com/security/bulletin/2021-02-01"
}
],
"release_date": "2021-02-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-10T11:25:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "okhttp: information disclosure via improperly used cryptographic function"
},
{
"cve": "CVE-2022-4492",
"cwe": {
"id": "CWE-550",
"name": "Server-generated Error Message Containing Sensitive Information"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153260"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. This is a compulsory step ( that should at least be performed by default) in HTTPS and in http/2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Server identity in https connection is not checked by the undertow client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"category": "external",
"summary": "RHBZ#2153260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153260"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-4492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4492"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4492"
}
],
"release_date": "2022-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-10T11:25:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Server identity in https connection is not checked by the undertow client"
},
{
"cve": "CVE-2022-38752",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2129710"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Build of Quarkus is not affected by this issue as it already includes the fixed version.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-38752"
},
{
"category": "external",
"summary": "RHBZ#2129710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38752"
}
],
"release_date": "2022-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-10T11:25:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode"
},
{
"cve": "CVE-2022-41854",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2151988"
}
],
"notes": [
{
"category": "description",
"text": "Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dev-java/snakeyaml: DoS via stack overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41854"
},
{
"category": "external",
"summary": "RHBZ#2151988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41854"
},
{
"category": "external",
"summary": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355",
"url": "https://bitbucket.org/snakeyaml/snakeyaml/issues/543/stackoverflow-oss-fuzz-50355"
},
{
"category": "external",
"summary": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355"
}
],
"release_date": "2022-11-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-10T11:25:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dev-java/snakeyaml: DoS via stack overflow"
},
{
"cve": "CVE-2022-41881",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2022-12-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2153379"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41881"
},
{
"category": "external",
"summary": "RHBZ#2153379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41881"
}
],
"release_date": "2022-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-10T11:25:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS"
},
{
"cve": "CVE-2022-45787",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-01-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2158916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache James\u0027s Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their intended permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45787"
},
{
"category": "external",
"summary": "RHBZ#2158916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2158916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45787"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45787"
}
],
"release_date": "2023-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-10T11:25:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-james-mime4j: Temporary File Information Disclosure in MIME4J TempFileStorageProvider"
},
{
"cve": "CVE-2023-0482",
"cwe": {
"id": "CWE-378",
"name": "Creation of Temporary File With Insecure Permissions"
},
"discovery_date": "2023-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2166004"
}
],
"notes": [
{
"category": "description",
"text": "In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: creation of insecure temp files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-0482"
},
{
"category": "external",
"summary": "RHBZ#2166004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2166004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-0482",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0482"
}
],
"release_date": "2023-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-05-10T11:25:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:2705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.noarch",
"7Server-RHSSO-7.6:rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso.src",
"7Server-RHSSO-7.6:rh-sso7-keycloak-server-0:18.0.7-1.redhat_00001.1.el7sso.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "RESTEasy: creation of insecure temp files"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…