Action not permitted
Modal body text goes here.
CVE-2024-4029
Vulnerability from cvelistv5
Published
2024-05-02 14:55
Modified
2024-11-05 03:03
Severity ?
EPSS score ?
Summary
Wildfly: no timeout for eap management interface may lead to denial of service (dos)
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4029",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-14T19:17:30.528404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T19:17:38.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:26:57.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"name": "RHBZ#2278615",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-domain-http",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.24-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.23-2.SP1_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-insights-java-client",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-ironjacamar",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.18-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-cert-helper",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-ejb-client",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.55-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-server-migration",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-39.Final_redhat_00039.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.4.12-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-jsoup",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.15.4-1.redhat_00003.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-undertow-jastow",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.15-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.4.19-1.GA_redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
],
"defaultStatus": "affected",
"packageName": "eap7-xalan-j2",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.7.1-37.redhat_00015.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.24-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.23-2.SP1_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-insights-java-client",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-ironjacamar",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.18-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-cert-helper",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-ejb-client",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.55-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-server-migration",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-39.Final_redhat_00039.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.4.12-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-jsoup",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.15.4-1.redhat_00003.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-undertow-jastow",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.15-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.4.19-1.GA_redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
],
"defaultStatus": "affected",
"packageName": "eap7-xalan-j2",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.7.1-37.redhat_00015.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-hal-console",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.3.24-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.23-2.SP1_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-insights-java-client",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-ironjacamar",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.5.18-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-cert-helper",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-ejb-client",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.55-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-jboss-server-migration",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.10.0-39.Final_redhat_00039.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-jbossws-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.4.12-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-jsoup",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.15.4-1.redhat_00003.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-undertow-jastow",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.15-1.Final_redhat_00001.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:7.4.19-1.GA_redhat_00002.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
],
"defaultStatus": "affected",
"packageName": "eap7-xalan-j2",
"product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.7.1-37.redhat_00015.1.el7eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-domain-http",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-activemq-artemis",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.33.0-1.redhat_00015.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-activemq-artemis-native",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.0.0-2.redhat_00005.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-aesh-extensions",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.8.0-2.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-aesh-readline",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.0-2.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-codec",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.16.1-2.redhat_00007.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-collections",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.2.2-28.redhat_2.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-io",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.15.1-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-lang",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.14.0-2.redhat_00006.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.5-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-artemis-native",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.0.0-2.redhat_00005.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-artemis-wildfly-integration",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.1-1.redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-asyncutil",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.1.0-2.redhat_00010.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-aws-java-sdk",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.12.284-2.redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-cryptacular",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.2.5-2.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-eap-product-conf-parent",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:800.4.0-1.GA_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-fastinfoset",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.1.0-4.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-hibernate",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.2.31-1.Final_redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.1-3.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-hppc",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.8.1-2.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-insights-java-client",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-jakarta-servlet-jsp-jstl-api",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.0.1-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-jboss-cert-helper",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-jboss-logging",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.3-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-jctools",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.2-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-jgroups",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.3.10-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-log4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.22.1-1.redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-narayana",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.3-1.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-nimbus-jose-jwt",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:9.37.3-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-objectweb-asm",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:9.6.0-1.redhat_00002.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-pem-keystore",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.3.0-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-resteasy-extensions",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.1-3.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-resteasy-spring",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.0.1-2.Final_redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-saaj-impl",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.0.4-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-shibboleth-java-support",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.0-6.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-slf4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.16-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-snakeyaml",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.0-1.redhat_00001.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
],
"defaultStatus": "affected",
"packageName": "eap8-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.4-2.GA_redhat_00005.1.el8eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-activemq-artemis",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.33.0-1.redhat_00015.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-activemq-artemis-native",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.0.0-2.redhat_00005.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-aesh-extensions",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.8.0-2.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-aesh-readline",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.0-2.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-codec",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.16.1-2.redhat_00007.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-collections",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.2.2-28.redhat_2.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-io",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.15.1-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-commons-lang",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.14.0-2.redhat_00006.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-apache-cxf",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.5-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-artemis-native",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.0.0-2.redhat_00005.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-artemis-wildfly-integration",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.1-1.redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-asyncutil",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.1.0-2.redhat_00010.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-aws-java-sdk",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.12.284-2.redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-cryptacular",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.2.5-2.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-eap-product-conf-parent",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:800.4.0-1.GA_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-fastinfoset",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.1.0-4.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-hibernate",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.2.31-1.Final_redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-hibernate-validator",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.1-3.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-hppc",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:0.8.1-2.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-insights-java-client",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-jakarta-servlet-jsp-jstl-api",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.0.1-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-jboss-cert-helper",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1.3-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-jboss-logging",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.5.3-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-jctools",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:4.0.2-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-jgroups",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:5.3.10-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-log4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.22.1-1.redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-narayana",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:6.0.3-1.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-nimbus-jose-jwt",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:9.37.3-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-objectweb-asm",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:9.6.0-1.redhat_00002.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-pem-keystore",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.3.0-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-resteasy-extensions",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.1-3.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-resteasy-spring",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.0.1-2.Final_redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-saaj-impl",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.0.4-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-shibboleth-java-support",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.0-6.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-slf4j",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.0.16-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-snakeyaml",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.2.0-1.redhat_00001.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
],
"defaultStatus": "affected",
"packageName": "eap8-wildfly",
"product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:8.0.4-2.GA_redhat_00005.1.el9eap",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-domain-http",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-domain-http",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "unknown",
"packageName": "wildfly-domain-http",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:7"
],
"defaultStatus": "unknown",
"packageName": "wildfly-domain-http",
"product": "Red Hat JBoss Data Grid 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "wildfly-domain-http",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "unknown",
"packageName": "wildfly-domain-http",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "affected",
"packageName": "wildfly-domain-http",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
}
],
"datePublic": "2024-05-02T00:00:00+00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T03:03:28.215Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:8075",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"name": "RHSA-2024:8076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"name": "RHSA-2024:8077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"name": "RHSA-2024:8080",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
},
{
"name": "RHSA-2024:8823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"name": "RHSA-2024:8824",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"name": "RHSA-2024:8826",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"name": "RHBZ#2278615",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-22T00:00:00+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-05-02T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Wildfly: no timeout for eap management interface may lead to denial of service (dos)",
"workarounds": [
{
"lang": "en",
"value": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available."
}
],
"x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-4029",
"datePublished": "2024-05-02T14:55:27.135Z",
"dateReserved": "2024-04-22T13:59:47.506Z",
"dateUpdated": "2024-11-05T03:03:28.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-4029\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-05-02T15:15:07.227\",\"lastModified\":\"2024-11-05T02:15:04.543\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en la interfaz de administraci\u00f3n de Wildfly. Debido a la falta de limitaci\u00f3n de sockets para la interfaz de administraci\u00f3n, es posible que se produzca una denegaci\u00f3n de servicio que alcance el l\u00edmite de nofile ya que no hay posibilidad de configurar o establecer un n\u00famero m\u00e1ximo de conexiones.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":4.1,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":0.5,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8075\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8076\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8077\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8080\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8823\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8824\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8826\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-4029\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2278615\",\"source\":\"secalert@redhat.com\"}]}}"
}
}
rhsa-2024_8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-11-06 07:24
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8824",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27248",
"url": "https://issues.redhat.com/browse/JBEAP-27248"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2024-11-06T07:24:59+00:00",
"generator": {
"date": "2024-11-06T07:24:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8824",
"initial_release_date": "2024-11-04T20:13:24+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:24:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9",
"product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLSignatureUtil.java#L415",
"url": "https://github.com/keycloak/keycloak/blob/main/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLSignatureUtil.java#L415"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:24+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024_8076
Vulnerability from csaf_redhat
Published
2024-10-14 18:01
Modified
2024-11-06 07:14
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8076",
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "JBEAP-27050",
"url": "https://issues.redhat.com/browse/JBEAP-27050"
},
{
"category": "external",
"summary": "JBEAP-27357",
"url": "https://issues.redhat.com/browse/JBEAP-27357"
},
{
"category": "external",
"summary": "JBEAP-27548",
"url": "https://issues.redhat.com/browse/JBEAP-27548"
},
{
"category": "external",
"summary": "JBEAP-27613",
"url": "https://issues.redhat.com/browse/JBEAP-27613"
},
{
"category": "external",
"summary": "JBEAP-27658",
"url": "https://issues.redhat.com/browse/JBEAP-27658"
},
{
"category": "external",
"summary": "JBEAP-27700",
"url": "https://issues.redhat.com/browse/JBEAP-27700"
},
{
"category": "external",
"summary": "JBEAP-27701",
"url": "https://issues.redhat.com/browse/JBEAP-27701"
},
{
"category": "external",
"summary": "JBEAP-27713",
"url": "https://issues.redhat.com/browse/JBEAP-27713"
},
{
"category": "external",
"summary": "JBEAP-27714",
"url": "https://issues.redhat.com/browse/JBEAP-27714"
},
{
"category": "external",
"summary": "JBEAP-27715",
"url": "https://issues.redhat.com/browse/JBEAP-27715"
},
{
"category": "external",
"summary": "JBEAP-27746",
"url": "https://issues.redhat.com/browse/JBEAP-27746"
},
{
"category": "external",
"summary": "JBEAP-27747",
"url": "https://issues.redhat.com/browse/JBEAP-27747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8076.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update",
"tracking": {
"current_release_date": "2024-11-06T07:14:57+00:00",
"generator": {
"date": "2024-11-06T07:14:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8076",
"initial_release_date": "2024-10-14T18:01:49+00:00",
"revision_history": [
{
"date": "2024-10-14T18:01:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T18:01:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:14:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"discovery_date": "2022-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36033"
},
{
"category": "external",
"summary": "RHBZ#2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
}
],
"release_date": "2022-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:49+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
rhsa-2024_8075
Vulnerability from csaf_redhat
Published
2024-10-14 18:01
Modified
2024-11-06 07:15
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8075",
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "JBEAP-27049",
"url": "https://issues.redhat.com/browse/JBEAP-27049"
},
{
"category": "external",
"summary": "JBEAP-27357",
"url": "https://issues.redhat.com/browse/JBEAP-27357"
},
{
"category": "external",
"summary": "JBEAP-27548",
"url": "https://issues.redhat.com/browse/JBEAP-27548"
},
{
"category": "external",
"summary": "JBEAP-27613",
"url": "https://issues.redhat.com/browse/JBEAP-27613"
},
{
"category": "external",
"summary": "JBEAP-27658",
"url": "https://issues.redhat.com/browse/JBEAP-27658"
},
{
"category": "external",
"summary": "JBEAP-27700",
"url": "https://issues.redhat.com/browse/JBEAP-27700"
},
{
"category": "external",
"summary": "JBEAP-27701",
"url": "https://issues.redhat.com/browse/JBEAP-27701"
},
{
"category": "external",
"summary": "JBEAP-27713",
"url": "https://issues.redhat.com/browse/JBEAP-27713"
},
{
"category": "external",
"summary": "JBEAP-27714",
"url": "https://issues.redhat.com/browse/JBEAP-27714"
},
{
"category": "external",
"summary": "JBEAP-27715",
"url": "https://issues.redhat.com/browse/JBEAP-27715"
},
{
"category": "external",
"summary": "JBEAP-27746",
"url": "https://issues.redhat.com/browse/JBEAP-27746"
},
{
"category": "external",
"summary": "JBEAP-27747",
"url": "https://issues.redhat.com/browse/JBEAP-27747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8075.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update",
"tracking": {
"current_release_date": "2024-11-06T07:15:57+00:00",
"generator": {
"date": "2024-11-06T07:15:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8075",
"initial_release_date": "2024-10-14T18:01:59+00:00",
"revision_history": [
{
"date": "2024-10-14T18:01:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T18:01:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:15:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_id": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper-debuginfo@1.1.3-1.redhat_00001.1.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"discovery_date": "2022-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36033"
},
{
"category": "external",
"summary": "RHBZ#2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
}
],
"release_date": "2022-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:59+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
rhsa-2024_8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-11-06 07:25
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8823",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27247",
"url": "https://issues.redhat.com/browse/JBEAP-27247"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2024-11-06T07:25:11+00:00",
"generator": {
"date": "2024-11-06T07:25:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8823",
"initial_release_date": "2024-11-04T20:13:37+00:00",
"revision_history": [
{
"date": "2024-11-04T20:13:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:13:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:25:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64"
},
"product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src"
},
"product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8",
"product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLSignatureUtil.java#L415",
"url": "https://github.com/keycloak/keycloak/blob/main/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLSignatureUtil.java#L415"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:13:37+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024_8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2024-11-06 07:25
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8826",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "JBEAP-24945",
"url": "https://issues.redhat.com/browse/JBEAP-24945"
},
{
"category": "external",
"summary": "JBEAP-25035",
"url": "https://issues.redhat.com/browse/JBEAP-25035"
},
{
"category": "external",
"summary": "JBEAP-27002",
"url": "https://issues.redhat.com/browse/JBEAP-27002"
},
{
"category": "external",
"summary": "JBEAP-27194",
"url": "https://issues.redhat.com/browse/JBEAP-27194"
},
{
"category": "external",
"summary": "JBEAP-27276",
"url": "https://issues.redhat.com/browse/JBEAP-27276"
},
{
"category": "external",
"summary": "JBEAP-27293",
"url": "https://issues.redhat.com/browse/JBEAP-27293"
},
{
"category": "external",
"summary": "JBEAP-27392",
"url": "https://issues.redhat.com/browse/JBEAP-27392"
},
{
"category": "external",
"summary": "JBEAP-27543",
"url": "https://issues.redhat.com/browse/JBEAP-27543"
},
{
"category": "external",
"summary": "JBEAP-27585",
"url": "https://issues.redhat.com/browse/JBEAP-27585"
},
{
"category": "external",
"summary": "JBEAP-27643",
"url": "https://issues.redhat.com/browse/JBEAP-27643"
},
{
"category": "external",
"summary": "JBEAP-27659",
"url": "https://issues.redhat.com/browse/JBEAP-27659"
},
{
"category": "external",
"summary": "JBEAP-27688",
"url": "https://issues.redhat.com/browse/JBEAP-27688"
},
{
"category": "external",
"summary": "JBEAP-27694",
"url": "https://issues.redhat.com/browse/JBEAP-27694"
},
{
"category": "external",
"summary": "JBEAP-27957",
"url": "https://issues.redhat.com/browse/JBEAP-27957"
},
{
"category": "external",
"summary": "JBEAP-28057",
"url": "https://issues.redhat.com/browse/JBEAP-28057"
},
{
"category": "external",
"summary": "JBEAP-28278",
"url": "https://issues.redhat.com/browse/JBEAP-28278"
},
{
"category": "external",
"summary": "JBEAP-28289",
"url": "https://issues.redhat.com/browse/JBEAP-28289"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update",
"tracking": {
"current_release_date": "2024-11-06T07:25:22+00:00",
"generator": {
"date": "2024-11-06T07:25:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8826",
"initial_release_date": "2024-11-04T20:56:02+00:00",
"revision_history": [
{
"date": "2024-11-04T20:56:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-04T20:56:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:25:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8",
"product_id": "Red Hat JBoss Enterprise Application Platform 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-09-04T17:02:58.468000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309764"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52428"
},
{
"category": "external",
"summary": "RHBZ#2309764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428"
}
],
"release_date": "2024-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"acknowledgments": [
{
"names": [
"Tanner Emek"
]
}
],
"cve": "CVE-2024-8698",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8698"
},
{
"category": "external",
"summary": "RHBZ#2311641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLSignatureUtil.java#L415",
"url": "https://github.com/keycloak/keycloak/blob/main/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLSignatureUtil.java#L415"
}
],
"release_date": "2024-09-19T15:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak"
},
{
"acknowledgments": [
{
"names": [
"Niklas Conrad",
"Karsten Meyer zu Selhausen"
]
}
],
"cve": "CVE-2024-8883",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-09-16T06:17:01.573000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312511"
}
],
"notes": [
{
"category": "description",
"text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8883"
},
{
"category": "external",
"summary": "RHBZ#2312511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8883"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883"
},
{
"category": "external",
"summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java",
"url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java"
}
],
"release_date": "2024-09-19T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec"
},
{
"cve": "CVE-2024-41172",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2024-07-19T09:20:34+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2298829"
}
],
"notes": [
{
"category": "description",
"text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41172"
},
{
"category": "external",
"summary": "RHBZ#2298829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg",
"url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6",
"url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6"
},
{
"category": "external",
"summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg",
"url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg"
}
],
"release_date": "2024-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-04T20:56:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients"
}
]
}
rhsa-2024_8080
Vulnerability from csaf_redhat
Published
2024-10-14 18:07
Modified
2024-11-06 07:15
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8080",
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "JBEAP-27357",
"url": "https://issues.redhat.com/browse/JBEAP-27357"
},
{
"category": "external",
"summary": "JBEAP-27548",
"url": "https://issues.redhat.com/browse/JBEAP-27548"
},
{
"category": "external",
"summary": "JBEAP-27613",
"url": "https://issues.redhat.com/browse/JBEAP-27613"
},
{
"category": "external",
"summary": "JBEAP-27658",
"url": "https://issues.redhat.com/browse/JBEAP-27658"
},
{
"category": "external",
"summary": "JBEAP-27700",
"url": "https://issues.redhat.com/browse/JBEAP-27700"
},
{
"category": "external",
"summary": "JBEAP-27701",
"url": "https://issues.redhat.com/browse/JBEAP-27701"
},
{
"category": "external",
"summary": "JBEAP-27713",
"url": "https://issues.redhat.com/browse/JBEAP-27713"
},
{
"category": "external",
"summary": "JBEAP-27714",
"url": "https://issues.redhat.com/browse/JBEAP-27714"
},
{
"category": "external",
"summary": "JBEAP-27715",
"url": "https://issues.redhat.com/browse/JBEAP-27715"
},
{
"category": "external",
"summary": "JBEAP-27746",
"url": "https://issues.redhat.com/browse/JBEAP-27746"
},
{
"category": "external",
"summary": "JBEAP-27747",
"url": "https://issues.redhat.com/browse/JBEAP-27747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8080.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update",
"tracking": {
"current_release_date": "2024-11-06T07:15:18+00:00",
"generator": {
"date": "2024-11-06T07:15:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8080",
"initial_release_date": "2024-10-14T18:07:02+00:00",
"revision_history": [
{
"date": "2024-10-14T18:07:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T18:07:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:15:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:07:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"discovery_date": "2022-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36033"
},
{
"category": "external",
"summary": "RHBZ#2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
}
],
"release_date": "2022-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:07:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:07:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:07:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:07:02+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
rhsa-2024_8077
Vulnerability from csaf_redhat
Published
2024-10-14 18:01
Modified
2024-11-06 07:15
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8077",
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index"
},
{
"category": "external",
"summary": "2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "JBEAP-27051",
"url": "https://issues.redhat.com/browse/JBEAP-27051"
},
{
"category": "external",
"summary": "JBEAP-27357",
"url": "https://issues.redhat.com/browse/JBEAP-27357"
},
{
"category": "external",
"summary": "JBEAP-27548",
"url": "https://issues.redhat.com/browse/JBEAP-27548"
},
{
"category": "external",
"summary": "JBEAP-27613",
"url": "https://issues.redhat.com/browse/JBEAP-27613"
},
{
"category": "external",
"summary": "JBEAP-27658",
"url": "https://issues.redhat.com/browse/JBEAP-27658"
},
{
"category": "external",
"summary": "JBEAP-27700",
"url": "https://issues.redhat.com/browse/JBEAP-27700"
},
{
"category": "external",
"summary": "JBEAP-27701",
"url": "https://issues.redhat.com/browse/JBEAP-27701"
},
{
"category": "external",
"summary": "JBEAP-27713",
"url": "https://issues.redhat.com/browse/JBEAP-27713"
},
{
"category": "external",
"summary": "JBEAP-27714",
"url": "https://issues.redhat.com/browse/JBEAP-27714"
},
{
"category": "external",
"summary": "JBEAP-27715",
"url": "https://issues.redhat.com/browse/JBEAP-27715"
},
{
"category": "external",
"summary": "JBEAP-27746",
"url": "https://issues.redhat.com/browse/JBEAP-27746"
},
{
"category": "external",
"summary": "JBEAP-27747",
"url": "https://issues.redhat.com/browse/JBEAP-27747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8077.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update",
"tracking": {
"current_release_date": "2024-11-06T07:15:08+00:00",
"generator": {
"date": "2024-11-06T07:15:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:8077",
"initial_release_date": "2024-10-14T18:01:43+00:00",
"revision_history": [
{
"date": "2024-10-14T18:01:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T18:01:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T07:15:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"product": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
},
"product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"discovery_date": "2022-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2108554"
}
],
"notes": [
{
"category": "description",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "RHBZ#2108554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
}
],
"release_date": "2022-07-19T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"discovery_date": "2022-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2127078"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-36033"
},
{
"category": "external",
"summary": "RHBZ#2127078",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
}
],
"release_date": "2022-08-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled"
},
{
"cve": "CVE-2023-51775",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266921"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: denial of service via specially crafted JWE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-51775"
},
{
"category": "external",
"summary": "RHBZ#2266921",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
}
],
"release_date": "2024-02-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose4j: denial of service via specially crafted JWE"
},
{
"cve": "CVE-2024-4029",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2278615"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"category": "external",
"summary": "RHBZ#2278615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
}
],
"release_date": "2024-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "workaround",
"details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T18:01:43+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
}
]
}
ghsa-x7g6-rwhc-g7mj
Vulnerability from github
Published
2024-05-02 15:30
Modified
2024-11-05 03:30
Severity ?
Summary
Wildfly vulnerable to denial of service
Details
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.wildfly:wildfly-domain-http"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "24.0.0.Final"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-4029"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2024-05-03T20:11:59Z",
"nvd_published_at": "2024-05-02T15:15:07Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.",
"id": "GHSA-x7g6-rwhc-g7mj",
"modified": "2024-11-05T03:30:45Z",
"published": "2024-05-02T15:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:8075"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:8076"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:8077"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:8080"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:8823"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:8824"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:8826"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"type": "PACKAGE",
"url": "https://github.com/wildfly/wildfly"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Wildfly vulnerable to denial of service"
}
gsd-2024-4029
Vulnerability from gsd
Modified
2024-04-23 05:02
Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-4029"
],
"id": "GSD-2024-4029",
"modified": "2024-04-23T05:02:11.173931Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-4029",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
wid-sec-w-2024-1016
Vulnerability from csaf_certbund
Published
2024-05-02 22:00
Modified
2024-05-02 22:00
Summary
WildFly Application Server: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der WildFly Application Server ist ein Anwendungsserver nach dem Jakarta-EE-Standard.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in WildFly Application Server ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "niedrig"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der WildFly Application Server ist ein Anwendungsserver nach dem Jakarta-EE-Standard.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle in WildFly Application Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1016 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1016.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1016 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1016"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-05-02",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615"
},
{
"category": "external",
"summary": "RedHat Customer Portal vom 2024-05-02",
"url": "https://access.redhat.com/security/cve/CVE-2024-4029"
}
],
"source_lang": "en-US",
"title": "WildFly Application Server: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2024-05-02T22:00:00.000+00:00",
"generator": {
"date": "2024-05-03T09:32:54.366+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2024-1016",
"initial_release_date": "2024-05-02T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source WildFly Application Server",
"product": {
"name": "Open Source WildFly Application Server",
"product_id": "T034506",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:wildfly:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4029",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in WildFly Application Server. Diese Fehler betrifft die Management-Schnittstelle aufgrund des Mangels an Begrenzung von Sockets, was dazu f\u00fchrt, dass das nofile-Limit erreicht wird. Ein lokaler, privilegierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T034506"
]
},
"release_date": "2024-05-02T22:00:00Z",
"title": "CVE-2024-4029"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.