Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-12183 (GCVE-0-2025-12183)
Vulnerability from cvelistv5 – Published: 2025-11-28 15:52 – Updated: 2025-12-29 12:41
VLAI?
EPSS
Title
org.lz4:lz4-java - Out-of-Bounds Memory Access
Summary
Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
Credits
Jonas Konrad (Oracle corp.)
Marcono1234
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-28T16:33:58.174474Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-28T16:34:40.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-12-01T21:03:11.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/12/01/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo1.maven.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.lz4:lz4-java",
"versions": [
{
"lessThanOrEqual": "1.8.0",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo1.maven.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.lz4:lz4-pure-java",
"versions": [
{
"lessThanOrEqual": "1.8.0",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo1.maven.org/maven2",
"defaultStatus": "unaffected",
"packageName": "net.jpountz.lz4:lz4",
"versions": [
{
"lessThanOrEqual": "1.8.0",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "remediation developer",
"value": "Jonas Konrad (Oracle corp.)"
},
{
"lang": "en",
"type": "remediation reviewer",
"value": "Marcono1234"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOut-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.\u003c/span\u003e"
}
],
"value": "Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-29T12:41:30.868Z",
"orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
"shortName": "Sonatype"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.sonatype.com/security-advisories/cve-2025-12183"
},
{
"tags": [
"patch"
],
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "org.lz4:lz4-java - Out-of-Bounds Memory Access",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
"assignerShortName": "Sonatype",
"cveId": "CVE-2025-12183",
"datePublished": "2025-11-28T15:52:56.140Z",
"dateReserved": "2025-10-24T19:24:16.368Z",
"dateUpdated": "2025-12-29T12:41:30.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-12183\",\"sourceIdentifier\":\"103e4ec9-0a87-450b-af77-479448ddef11\",\"published\":\"2025-11-28T16:15:51.823\",\"lastModified\":\"2025-12-29T13:15:40.550\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"103e4ec9-0a87-450b-af77-479448ddef11\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"103e4ec9-0a87-450b-af77-479448ddef11\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"references\":[{\"url\":\"https://github.com/yawkat/lz4-java/releases/tag/v1.8.1\",\"source\":\"103e4ec9-0a87-450b-af77-479448ddef11\"},{\"url\":\"https://www.sonatype.com/security-advisories/cve-2025-12183\",\"source\":\"103e4ec9-0a87-450b-af77-479448ddef11\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/12/01/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/12/01/5\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-12-01T21:03:11.829Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-12183\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-28T16:33:58.174474Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-28T16:34:01.912Z\"}}], \"cna\": {\"title\": \"org.lz4:lz4-java - Out-of-Bounds Memory Access\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"remediation developer\", \"value\": \"Jonas Konrad (Oracle corp.)\"}, {\"lang\": \"en\", \"type\": \"remediation reviewer\", \"value\": \"Marcono1234\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.8, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.8.0\"}], \"packageName\": \"org.lz4:lz4-java\", \"collectionURL\": \"https://repo1.maven.org/maven2\", \"defaultStatus\": \"unaffected\"}, {\"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.8.0\"}], \"packageName\": \"org.lz4:lz4-pure-java\", \"collectionURL\": \"https://repo1.maven.org/maven2\", \"defaultStatus\": \"unaffected\"}, {\"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.8.0\"}], \"packageName\": \"net.jpountz.lz4:lz4\", \"collectionURL\": \"https://repo1.maven.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.sonatype.com/security-advisories/cve-2025-12183\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/yawkat/lz4-java/releases/tag/v1.8.1\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eOut-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.\u003c/span\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"103e4ec9-0a87-450b-af77-479448ddef11\", \"shortName\": \"Sonatype\", \"dateUpdated\": \"2025-12-29T12:41:30.868Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-12183\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-29T12:41:30.868Z\", \"dateReserved\": \"2025-10-24T19:24:16.368Z\", \"assignerOrgId\": \"103e4ec9-0a87-450b-af77-479448ddef11\", \"datePublished\": \"2025-11-28T15:52:56.140Z\", \"assignerShortName\": \"Sonatype\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:1872
Vulnerability from csaf_redhat - Published: 2026-02-04 04:47 - Updated: 2026-02-04 18:56Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure (CVE-2025-12183)
* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing (CVE-2025-66566)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure (CVE-2025-12183)\n\n* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing (CVE-2025-66566)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1872",
"url": "https://access.redhat.com/errata/RHSA-2026:1872"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7136166",
"url": "https://access.redhat.com/articles/7136166"
},
{
"category": "external",
"summary": "2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "JBEAP-31416",
"url": "https://issues.redhat.com/browse/JBEAP-31416"
},
{
"category": "external",
"summary": "JBEAP-31437",
"url": "https://issues.redhat.com/browse/JBEAP-31437"
},
{
"category": "external",
"summary": "JBEAP-31454",
"url": "https://issues.redhat.com/browse/JBEAP-31454"
},
{
"category": "external",
"summary": "JBEAP-31498",
"url": "https://issues.redhat.com/browse/JBEAP-31498"
},
{
"category": "external",
"summary": "JBEAP-31543",
"url": "https://issues.redhat.com/browse/JBEAP-31543"
},
{
"category": "external",
"summary": "JBEAP-31547",
"url": "https://issues.redhat.com/browse/JBEAP-31547"
},
{
"category": "external",
"summary": "JBEAP-31559",
"url": "https://issues.redhat.com/browse/JBEAP-31559"
},
{
"category": "external",
"summary": "JBEAP-31567",
"url": "https://issues.redhat.com/browse/JBEAP-31567"
},
{
"category": "external",
"summary": "JBEAP-31577",
"url": "https://issues.redhat.com/browse/JBEAP-31577"
},
{
"category": "external",
"summary": "JBEAP-31595",
"url": "https://issues.redhat.com/browse/JBEAP-31595"
},
{
"category": "external",
"summary": "JBEAP-31676",
"url": "https://issues.redhat.com/browse/JBEAP-31676"
},
{
"category": "external",
"summary": "JBEAP-31680",
"url": "https://issues.redhat.com/browse/JBEAP-31680"
},
{
"category": "external",
"summary": "JBEAP-31690",
"url": "https://issues.redhat.com/browse/JBEAP-31690"
},
{
"category": "external",
"summary": "JBEAP-31762",
"url": "https://issues.redhat.com/browse/JBEAP-31762"
},
{
"category": "external",
"summary": "JBEAP-31767",
"url": "https://issues.redhat.com/browse/JBEAP-31767"
},
{
"category": "external",
"summary": "JBEAP-31800",
"url": "https://issues.redhat.com/browse/JBEAP-31800"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1872.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update",
"tracking": {
"current_release_date": "2026-02-04T18:56:08+00:00",
"generator": {
"date": "2026-02-04T18:56:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1872",
"initial_release_date": "2026-02-04T04:47:19+00:00",
"revision_history": [
{
"date": "2026-02-04T04:47:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-04T04:47:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-04T18:56:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 8.1",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.1",
"product_id": "Red Hat JBoss Enterprise Application Platform 8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-28T16:00:42.516514+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417718"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows remote attackers to cause denial of service (DoS) and read adjacent memory via untrusted compressed input. This vulnerability affects only programs using the unsafe LZ4_decompress_fast API, known as the \"fast\" decompressor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability affects the \"fast\" decompressor, this is due to the fact such implementation relies on LZ4_decompress_fast API of the lz4 C library. This function was deprecated in the lz4 library as it misses boundary checks and is considered insecure when processing untrusted inputs.\nRed Hat has considered this vulnerability as having a security impact of Moderate as the attack may be considered of a high complexity, additionally when exploited the attacker doesn\u0027t have full control over the memory read and its content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12183"
},
{
"category": "external",
"summary": "RHBZ#2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1",
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
},
{
"category": "external",
"summary": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183",
"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183"
}
],
"release_date": "2025-11-28T15:52:56.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-04T04:47:19+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1872"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure"
},
{
"cve": "CVE-2025-66566",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2025-12-05T19:00:50.134024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated IMPORTANT because it allows for information disclosure when Java-based decompressor implementations reuse output buffers without proper clearing, potentially exposing sensitive data via crafted compressed input. JNI-based implementations of lz4-java are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 8.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66566"
},
{
"category": "external",
"summary": "RHBZ#2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840",
"url": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q",
"url": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q"
}
],
"release_date": "2025-12-05T18:10:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-04T04:47:19+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 8.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1872"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 8.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing"
}
]
}
RHSA-2026:0131
Vulnerability from csaf_redhat - Published: 2026-01-06 13:12 - Updated: 2026-02-06 20:10Summary
Red Hat Security Advisory: Red Hat build of Quarkus 3.20.4.SP1 security update
Notes
Topic
An update is now available for Red Hat build of Quarkus.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Quarkus 3.20.4.SP1 includes the following CVE fixes:
* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing [quarkus-3.20] (CVE-2025-66566)
* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure [quarkus-3.20] (CVE-2025-12183)
* vertx-web: Eclipse Vert.x cross site scripting [quarkus-3.20 (CVE-2025-11966)
For more information, see the release notes page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 3.20.4.SP1 includes the following CVE fixes:\n\n* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing [quarkus-3.20] (CVE-2025-66566)\n\n* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure [quarkus-3.20] (CVE-2025-12183)\n\n* vertx-web: Eclipse Vert.x cross site scripting [quarkus-3.20 (CVE-2025-11966)\n\nFor more information, see the release notes page listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0131",
"url": "https://access.redhat.com/errata/RHSA-2026:0131"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/quarkus/",
"url": "https://access.redhat.com/products/quarkus/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.20.4.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.20.4.SP1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.20",
"url": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.20"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0131.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 3.20.4.SP1 security update",
"tracking": {
"current_release_date": "2026-02-06T20:10:31+00:00",
"generator": {
"date": "2026-02-06T20:10:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:0131",
"initial_release_date": "2026-01-06T13:12:23+00:00",
"revision_history": [
{
"date": "2026-01-06T13:12:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-13T15:04:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-06T20:10:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 3.20.4.SP1",
"product": {
"name": "Red Hat build of Quarkus 3.20.4.SP1",
"product_id": "Red Hat build of Quarkus 3.20.4.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:3.20::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11966",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-10-22T15:01:24.122189+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405789"
}
],
"notes": [
{
"category": "description",
"text": "In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], when \"directory listing\" is enabled, file and directory names are inserted into generated HTML without proper escaping in the href, title, and link attributes. An attacker who can create or rename files or directories within a served path can craft filenames containing malicious script or HTML content, leading to stored cross-site scripting (XSS) that executes in the context of users viewing the affected directory listing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-web: Eclipse Vert.x cross site scripting",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11966"
},
{
"category": "external",
"summary": "RHBZ#2405789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11966"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11966",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11966"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/303",
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/303"
}
],
"release_date": "2025-10-22T14:44:24.145000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-06T13:12:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.20.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0131"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-web: Eclipse Vert.x cross site scripting"
},
{
"cve": "CVE-2025-12183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-28T16:00:42.516514+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417718"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows remote attackers to cause denial of service (DoS) and read adjacent memory via untrusted compressed input. This vulnerability affects only programs using the unsafe LZ4_decompress_fast API, known as the \"fast\" decompressor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability affects the \"fast\" decompressor, this is due to the fact such implementation relies on LZ4_decompress_fast API of the lz4 C library. This function was deprecated in the lz4 library as it misses boundary checks and is considered insecure when processing untrusted inputs.\nRed Hat has considered this vulnerability as having a security impact of Moderate as the attack may be considered of a high complexity, additionally when exploited the attacker doesn\u0027t have full control over the memory read and its content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12183"
},
{
"category": "external",
"summary": "RHBZ#2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1",
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
},
{
"category": "external",
"summary": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183",
"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183"
}
],
"release_date": "2025-11-28T15:52:56.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-06T13:12:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.20.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0131"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure"
},
{
"cve": "CVE-2025-66566",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2025-12-05T19:00:50.134024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated IMPORTANT because it allows for information disclosure when Java-based decompressor implementations reuse output buffers without proper clearing, potentially exposing sensitive data via crafted compressed input. JNI-based implementations of lz4-java are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66566"
},
{
"category": "external",
"summary": "RHBZ#2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840",
"url": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q",
"url": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q"
}
],
"release_date": "2025-12-05T18:10:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-06T13:12:23+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.20.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0131"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.20.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing"
}
]
}
RHSA-2026:1870
Vulnerability from csaf_redhat - Published: 2026-02-04 11:35 - Updated: 2026-02-04 18:56Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure (CVE-2025-12183)
* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing (CVE-2025-66566)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure (CVE-2025-12183)\n\n* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing (CVE-2025-66566)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1870",
"url": "https://access.redhat.com/errata/RHSA-2026:1870"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/red_hat_jboss_enterprise_application_platform_installation_methods/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/red_hat_jboss_enterprise_application_platform_installation_methods/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7134190",
"url": "https://access.redhat.com/articles/7134190"
},
{
"category": "external",
"summary": "2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "JBEAP-31416",
"url": "https://issues.redhat.com/browse/JBEAP-31416"
},
{
"category": "external",
"summary": "JBEAP-31437",
"url": "https://issues.redhat.com/browse/JBEAP-31437"
},
{
"category": "external",
"summary": "JBEAP-31454",
"url": "https://issues.redhat.com/browse/JBEAP-31454"
},
{
"category": "external",
"summary": "JBEAP-31498",
"url": "https://issues.redhat.com/browse/JBEAP-31498"
},
{
"category": "external",
"summary": "JBEAP-31543",
"url": "https://issues.redhat.com/browse/JBEAP-31543"
},
{
"category": "external",
"summary": "JBEAP-31547",
"url": "https://issues.redhat.com/browse/JBEAP-31547"
},
{
"category": "external",
"summary": "JBEAP-31559",
"url": "https://issues.redhat.com/browse/JBEAP-31559"
},
{
"category": "external",
"summary": "JBEAP-31567",
"url": "https://issues.redhat.com/browse/JBEAP-31567"
},
{
"category": "external",
"summary": "JBEAP-31572",
"url": "https://issues.redhat.com/browse/JBEAP-31572"
},
{
"category": "external",
"summary": "JBEAP-31577",
"url": "https://issues.redhat.com/browse/JBEAP-31577"
},
{
"category": "external",
"summary": "JBEAP-31595",
"url": "https://issues.redhat.com/browse/JBEAP-31595"
},
{
"category": "external",
"summary": "JBEAP-31676",
"url": "https://issues.redhat.com/browse/JBEAP-31676"
},
{
"category": "external",
"summary": "JBEAP-31680",
"url": "https://issues.redhat.com/browse/JBEAP-31680"
},
{
"category": "external",
"summary": "JBEAP-31690",
"url": "https://issues.redhat.com/browse/JBEAP-31690"
},
{
"category": "external",
"summary": "JBEAP-31762",
"url": "https://issues.redhat.com/browse/JBEAP-31762"
},
{
"category": "external",
"summary": "JBEAP-31767",
"url": "https://issues.redhat.com/browse/JBEAP-31767"
},
{
"category": "external",
"summary": "JBEAP-31800",
"url": "https://issues.redhat.com/browse/JBEAP-31800"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1870.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update",
"tracking": {
"current_release_date": "2026-02-04T18:56:08+00:00",
"generator": {
"date": "2026-02-04T18:56:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1870",
"initial_release_date": "2026-02-04T11:35:41+00:00",
"revision_history": [
{
"date": "2026-02-04T11:35:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-04T11:35:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-04T18:56:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.1 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"product_id": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jose4j@0.9.6-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.128-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.128-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.7-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_id": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.4.0-1.GA_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"product": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"product_id": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-7.GA_redhat_00009.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.6.40-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"product_id": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.40.0-5.redhat_00009.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src",
"product": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src",
"product_id": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.4-4.redhat_00006.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"product_id": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-gson@2.10.1-2.redhat_00005.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.15-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.7-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"product_id": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"product": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"product_id": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.4-2.GA_redhat_00005.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"product": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"product_id": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jose4j@0.9.6-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.128-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.7-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@801.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"product_id": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-7.GA_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.6.40-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.6.40-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.6.40-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.40.0-5.redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"product": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"product_id": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.4-4.redhat_00006.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"product_id": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-gson@2.10.1-2.redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-atom-provider@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-cdi@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client-api@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core-spi@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-crypto@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jackson2-provider@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jaxb-provider@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jsapi@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-binding-provider@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-p-provider@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-multipart-provider@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-rxjava2@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-validator-provider@6.2.15-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.7-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.6.7-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-codemodel@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-core@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-jxc@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-runtime@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-xjc@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-relaxng-datatype@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-rngom@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-txw2@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xsom@4.0.6-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.1.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.1.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.1.4-2.GA_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"product_id": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.128-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.128-1.Final_redhat_00001.1.el8eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src"
},
"product_reference": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src"
},
"product_reference": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src"
},
"product_reference": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch"
},
"product_reference": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 8",
"product_id": "8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
},
"product_reference": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-8.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-28T16:00:42.516514+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417718"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows remote attackers to cause denial of service (DoS) and read adjacent memory via untrusted compressed input. This vulnerability affects only programs using the unsafe LZ4_decompress_fast API, known as the \"fast\" decompressor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability affects the \"fast\" decompressor, this is due to the fact such implementation relies on LZ4_decompress_fast API of the lz4 C library. This function was deprecated in the lz4 library as it misses boundary checks and is considered insecure when processing untrusted inputs.\nRed Hat has considered this vulnerability as having a security impact of Moderate as the attack may be considered of a high complexity, additionally when exploited the attacker doesn\u0027t have full control over the memory read and its content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12183"
},
{
"category": "external",
"summary": "RHBZ#2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1",
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
},
{
"category": "external",
"summary": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183",
"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183"
}
],
"release_date": "2025-11-28T15:52:56.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-04T11:35:41+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure"
},
{
"cve": "CVE-2025-66566",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2025-12-05T19:00:50.134024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated IMPORTANT because it allows for information disclosure when Java-based decompressor implementations reuse output buffers without proper clearing, potentially exposing sensitive data via crafted compressed input. JNI-based implementations of lz4-java are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66566"
},
{
"category": "external",
"summary": "RHBZ#2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840",
"url": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q",
"url": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q"
}
],
"release_date": "2025-12-05T18:10:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-04T11:35:41+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el8eap.x86_64",
"8Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el8eap.src",
"8Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.noarch",
"8Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing"
}
]
}
RHSA-2026:0134
Vulnerability from csaf_redhat - Published: 2026-01-06 13:22 - Updated: 2026-02-06 20:10Summary
Red Hat Security Advisory: Red Hat build of Quarkus 3.27.1.SP1 security update
Notes
Topic
An update is now available for Red Hat build of Quarkus.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Quarkus 3.27.1.SP1 includes the following CVE fixes:
* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing [quarkus-3.27] (CVE-2025-66566)
* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure [quarkus-3.27] (CVE-2025-12183)
* vertx-web: Eclipse Vert.x cross site scripting [quarkus-3.27] (CVE-2025-11966)
For more information, see the release notes page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 3.27.1.SP1 includes the following CVE fixes:\n\n* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing [quarkus-3.27] (CVE-2025-66566)\n\n* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure [quarkus-3.27] (CVE-2025-12183)\n\n* vertx-web: Eclipse Vert.x cross site scripting [quarkus-3.27] (CVE-2025-11966)\n\nFor more information, see the release notes page listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0134",
"url": "https://access.redhat.com/errata/RHSA-2026:0134"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/quarkus/",
"url": "https://access.redhat.com/products/quarkus/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.1.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.1.SP1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27",
"url": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0134.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 3.27.1.SP1 security update",
"tracking": {
"current_release_date": "2026-02-06T20:10:32+00:00",
"generator": {
"date": "2026-02-06T20:10:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:0134",
"initial_release_date": "2026-01-06T13:22:25+00:00",
"revision_history": [
{
"date": "2026-01-06T13:22:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-06T13:22:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-06T20:10:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 3.27.1.SP1",
"product": {
"name": "Red Hat build of Quarkus 3.27.1.SP1",
"product_id": "Red Hat build of Quarkus 3.27.1.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:3.27::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11966",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-10-22T15:01:24.122189+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405789"
}
],
"notes": [
{
"category": "description",
"text": "In Eclipse Vert.x versions [4.0.0, 4.5.21] and [5.0.0, 5.0.4], when \"directory listing\" is enabled, file and directory names are inserted into generated HTML without proper escaping in the href, title, and link attributes. An attacker who can create or rename files or directories within a served path can craft filenames containing malicious script or HTML content, leading to stored cross-site scripting (XSS) that executes in the context of users viewing the affected directory listing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-web: Eclipse Vert.x cross site scripting",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-11966"
},
{
"category": "external",
"summary": "RHBZ#2405789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-11966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11966"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-11966",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11966"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/303",
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/303"
}
],
"release_date": "2025-10-22T14:44:24.145000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-06T13:22:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.1.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0134"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-web: Eclipse Vert.x cross site scripting"
},
{
"cve": "CVE-2025-12183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-28T16:00:42.516514+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417718"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows remote attackers to cause denial of service (DoS) and read adjacent memory via untrusted compressed input. This vulnerability affects only programs using the unsafe LZ4_decompress_fast API, known as the \"fast\" decompressor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability affects the \"fast\" decompressor, this is due to the fact such implementation relies on LZ4_decompress_fast API of the lz4 C library. This function was deprecated in the lz4 library as it misses boundary checks and is considered insecure when processing untrusted inputs.\nRed Hat has considered this vulnerability as having a security impact of Moderate as the attack may be considered of a high complexity, additionally when exploited the attacker doesn\u0027t have full control over the memory read and its content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12183"
},
{
"category": "external",
"summary": "RHBZ#2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1",
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
},
{
"category": "external",
"summary": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183",
"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183"
}
],
"release_date": "2025-11-28T15:52:56.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-06T13:22:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.1.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0134"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure"
},
{
"cve": "CVE-2025-66566",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2025-12-05T19:00:50.134024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated IMPORTANT because it allows for information disclosure when Java-based decompressor implementations reuse output buffers without proper clearing, potentially exposing sensitive data via crafted compressed input. JNI-based implementations of lz4-java are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66566"
},
{
"category": "external",
"summary": "RHBZ#2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840",
"url": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q",
"url": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q"
}
],
"release_date": "2025-12-05T18:10:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-06T13:22:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.1.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0134"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.1.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing"
}
]
}
RHSA-2026:1871
Vulnerability from csaf_redhat - Published: 2026-02-04 05:16 - Updated: 2026-02-04 18:56Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure (CVE-2025-12183)
* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing (CVE-2025-66566)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.1.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.1.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.1.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure (CVE-2025-12183)\n\n* lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing (CVE-2025-66566)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1871",
"url": "https://access.redhat.com/errata/RHSA-2026:1871"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/release_notes_for_red_hat_jboss_enterprise_application_platform_8.1/index"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/red_hat_jboss_enterprise_application_platform_installation_methods/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.1/html/red_hat_jboss_enterprise_application_platform_installation_methods/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7134190",
"url": "https://access.redhat.com/articles/7134190"
},
{
"category": "external",
"summary": "2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "JBEAP-31416",
"url": "https://issues.redhat.com/browse/JBEAP-31416"
},
{
"category": "external",
"summary": "JBEAP-31437",
"url": "https://issues.redhat.com/browse/JBEAP-31437"
},
{
"category": "external",
"summary": "JBEAP-31454",
"url": "https://issues.redhat.com/browse/JBEAP-31454"
},
{
"category": "external",
"summary": "JBEAP-31498",
"url": "https://issues.redhat.com/browse/JBEAP-31498"
},
{
"category": "external",
"summary": "JBEAP-31543",
"url": "https://issues.redhat.com/browse/JBEAP-31543"
},
{
"category": "external",
"summary": "JBEAP-31547",
"url": "https://issues.redhat.com/browse/JBEAP-31547"
},
{
"category": "external",
"summary": "JBEAP-31559",
"url": "https://issues.redhat.com/browse/JBEAP-31559"
},
{
"category": "external",
"summary": "JBEAP-31567",
"url": "https://issues.redhat.com/browse/JBEAP-31567"
},
{
"category": "external",
"summary": "JBEAP-31573",
"url": "https://issues.redhat.com/browse/JBEAP-31573"
},
{
"category": "external",
"summary": "JBEAP-31577",
"url": "https://issues.redhat.com/browse/JBEAP-31577"
},
{
"category": "external",
"summary": "JBEAP-31595",
"url": "https://issues.redhat.com/browse/JBEAP-31595"
},
{
"category": "external",
"summary": "JBEAP-31676",
"url": "https://issues.redhat.com/browse/JBEAP-31676"
},
{
"category": "external",
"summary": "JBEAP-31680",
"url": "https://issues.redhat.com/browse/JBEAP-31680"
},
{
"category": "external",
"summary": "JBEAP-31690",
"url": "https://issues.redhat.com/browse/JBEAP-31690"
},
{
"category": "external",
"summary": "JBEAP-31762",
"url": "https://issues.redhat.com/browse/JBEAP-31762"
},
{
"category": "external",
"summary": "JBEAP-31767",
"url": "https://issues.redhat.com/browse/JBEAP-31767"
},
{
"category": "external",
"summary": "JBEAP-31800",
"url": "https://issues.redhat.com/browse/JBEAP-31800"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1871.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.4 security update",
"tracking": {
"current_release_date": "2026-02-04T18:56:08+00:00",
"generator": {
"date": "2026-02-04T18:56:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1871",
"initial_release_date": "2026-02-04T05:16:20+00:00",
"revision_history": [
{
"date": "2026-02-04T05:16:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-04T05:16:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-04T18:56:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 8.1 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"product_id": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jose4j@0.9.6-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.128-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.128-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.7-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_id": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.4.0-1.GA_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"product": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"product_id": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-7.GA_redhat_00009.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src",
"product": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src",
"product_id": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.4-4.redhat_00006.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"product_id": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-gson@2.10.1-2.redhat_00005.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"product": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"product_id": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.15-1.Final_redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.7-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"product": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"product_id": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.40.0-5.redhat_00009.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"product_id": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.6.40-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"product": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"product_id": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.4-2.GA_redhat_00005.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"product": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"product_id": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jose4j@0.9.6-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-buffer@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-dns@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-http@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-codec-socks@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-common@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-handler-proxy@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-resolver-dns@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-classes-epoll@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-unix-common@4.1.128-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jbossws-cxf@7.3.7-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@801.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@801.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"product_id": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-javadocs@8.1.1-7.GA_redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"product": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"product_id": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-yasson@3.0.4-4.redhat_00006.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"product_id": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-gson@2.10.1-2.redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-atom-provider@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-cdi@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-client-api@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-core-spi@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-crypto@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jackson2-provider@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jaxb-provider@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-jsapi@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-binding-provider@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-json-p-provider@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-multipart-provider@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-rxjava2@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_id": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-resteasy-validator-provider@6.2.15-1.Final_redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron@2.6.7-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-elytron-tool@2.6.7-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.40.0-5.redhat_00009.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-codemodel@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-core@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-jxc@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-runtime@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jaxb-xjc@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-relaxng-datatype@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-rngom@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-txw2@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-xsom@4.0.6-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate@6.6.40-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-core@6.6.40-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.6.40-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly@8.1.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.1.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.1.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product": {
"name": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_id": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.1.4-2.GA_redhat_00005.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"product": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"product_id": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-jcip-annotations@1.0.0-3.redhat_00009.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll@4.1.128-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"product": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"product_id": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap8-netty-transport-native-epoll-debuginfo@4.1.128-1.Final_redhat_00001.1.el9eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src"
},
"product_reference": "eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src"
},
"product_reference": "eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64"
},
"product_reference": "eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src"
},
"product_reference": "eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src"
},
"product_reference": "eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src"
},
"product_reference": "eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
},
"product_reference": "eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch"
},
"product_reference": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.1 for RHEL 9",
"product_id": "9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
},
"product_reference": "eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-8.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-28T16:00:42.516514+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417718"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows remote attackers to cause denial of service (DoS) and read adjacent memory via untrusted compressed input. This vulnerability affects only programs using the unsafe LZ4_decompress_fast API, known as the \"fast\" decompressor.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability affects the \"fast\" decompressor, this is due to the fact such implementation relies on LZ4_decompress_fast API of the lz4 C library. This function was deprecated in the lz4 library as it misses boundary checks and is considered insecure when processing untrusted inputs.\nRed Hat has considered this vulnerability as having a security impact of Moderate as the attack may be considered of a high complexity, additionally when exploited the attacker doesn\u0027t have full control over the memory read and its content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12183"
},
{
"category": "external",
"summary": "RHBZ#2417718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417718"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1",
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
},
{
"category": "external",
"summary": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183",
"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183"
}
],
"release_date": "2025-11-28T15:52:56.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-04T05:16:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1871"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure"
},
{
"cve": "CVE-2025-66566",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2025-12-05T19:00:50.134024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419500"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lz4-java. This vulnerability allows disclosure of sensitive data via crafted compressed input due to insufficient clearing of the output buffer in Java-based decompressor implementations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated IMPORTANT because it allows for information disclosure when Java-based decompressor implementations reuse output buffers without proper clearing, potentially exposing sensitive data via crafted compressed input. JNI-based implementations of lz4-java are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66566"
},
{
"category": "external",
"summary": "RHBZ#2419500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419500"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66566",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66566"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840",
"url": "https://github.com/yawkat/lz4-java/commit/33d180cb70c4d93c80fb0dc3ab3002f457e93840"
},
{
"category": "external",
"summary": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q",
"url": "https://github.com/yawkat/lz4-java/security/advisories/GHSA-cmp6-m4wj-q63q"
}
],
"release_date": "2025-12-05T18:10:16.470000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-04T05:16:20+00:00",
"details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-0:2.40.0-5.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-activemq-artemis-cli-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-commons-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-core-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-dto-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hornetq-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-hqclient-protocol-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-client-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-ra-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jakarta-service-extensions-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-jdbc-store-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-journal-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-selector-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-activemq-artemis-server-0:2.40.0-5.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-codemodel-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-eap-product-conf-parent-0:801.4.0-1.GA_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-eap-product-conf-wildfly-ee-feature-pack-0:801.4.0-1.GA_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-gson-0:2.10.1-2.redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-0:6.6.40-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-hibernate-core-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-hibernate-envers-0:6.6.40-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-0:4.0.6-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jaxb-core-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-jxc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-runtime-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jaxb-xjc-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jbossws-cxf-0:7.3.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jcip-annotations-0:1.0.0-3.redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-jose4j-0:0.9.6-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-buffer-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-http-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-codec-socks-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-handler-proxy-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-resolver-dns-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-classes-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-epoll-debuginfo-0:4.1.128-1.Final_redhat_00001.1.el9eap.x86_64",
"9Base-JBEAP-8.1:eap8-netty-transport-native-unix-common-0:4.1.128-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-relaxng-datatype-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-0:6.2.15-1.Final_redhat_00002.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-resteasy-atom-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-cdi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-client-api-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-core-spi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-crypto-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jackson2-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jaxb-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-jsapi-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-binding-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-json-p-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-multipart-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-rxjava2-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-resteasy-validator-provider-0:6.2.15-1.Final_redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-rngom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-txw2-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-0:8.1.4-2.GA_redhat_00005.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-0:2.6.7-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-elytron-tool-0:2.6.7-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk17-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-java-jdk21-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-wildfly-javadocs-0:8.1.1-7.GA_redhat_00009.1.el9eap.src",
"9Base-JBEAP-8.1:eap8-wildfly-modules-0:8.1.4-2.GA_redhat_00005.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-xsom-0:4.0.6-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.noarch",
"9Base-JBEAP-8.1:eap8-yasson-0:3.0.4-4.redhat_00006.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing"
}
]
}
WID-SEC-W-2026-0019
Vulnerability from csaf_certbund - Published: 2026-01-06 23:00 - Updated: 2026-02-04 23:00Summary
Red Hat Enterprise Linux (Quarkus): Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, einen Denial-of-Service-Zustand zu verursachen oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen oder vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0019 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0019.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0019 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0019"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0131 vom 2026-01-06",
"url": "https://access.redhat.com/errata/RHSA-2026:0131"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0134 vom 2026-01-06",
"url": "https://access.redhat.com/errata/RHSA-2026:0134"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0467 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0467"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0468 vom 2026-01-12",
"url": "https://access.redhat.com/errata/RHSA-2026:0468"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0726 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0726"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0761 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0761"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0751 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0751"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0752 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0752"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0752 vom 2026-01-20",
"url": "http://linux.oracle.com/errata/ELSA-2026-0752.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7257968 vom 2026-02-02",
"url": "https://www.ibm.com/support/pages/node/7257968"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1823 vom 2026-02-03",
"url": "https://access.redhat.com/errata/RHSA-2026:1823"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1870 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1870"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1871 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1871"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1935 vom 2026-02-04",
"url": "https://access.redhat.com/errata/RHSA-2026:1935"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux (Quarkus): Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-04T23:00:00.000+00:00",
"generator": {
"date": "2026-02-05T09:40:45.091+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0019",
"initial_release_date": "2026-01-06T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-06T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-12T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-15T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-19T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM InfoSphere Information Server",
"product": {
"name": "IBM InfoSphere Information Server",
"product_id": "T035705",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version_range",
"name": "Quarkus \u003c3.20.4.SP1",
"product": {
"name": "Red Hat Enterprise Linux Quarkus \u003c3.20.4.SP1",
"product_id": "T049714"
}
},
{
"category": "product_version",
"name": "Quarkus 3.20.4.SP1",
"product": {
"name": "Red Hat Enterprise Linux Quarkus 3.20.4.SP1",
"product_id": "T049714-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:quarkus__3.20.4.sp1"
}
}
},
{
"category": "product_version_range",
"name": "Quarkus \u003c3.27.1.SP1",
"product": {
"name": "Red Hat Enterprise Linux Quarkus \u003c3.27.1.SP1",
"product_id": "T049715"
}
},
{
"category": "product_version",
"name": "Quarkus 3.27.1.SP1",
"product": {
"name": "Red Hat Enterprise Linux Quarkus 3.27.1.SP1",
"product_id": "T049715-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:quarkus__3.27.1.sp1"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.1.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c8.1.4",
"product_id": "T050520"
}
},
{
"category": "product_version",
"name": "8.1.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 8.1.4",
"product_id": "T050520-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.1.4"
}
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-11966",
"product_status": {
"known_affected": [
"T049715",
"67646",
"T035705",
"T050520",
"T004914"
]
},
"release_date": "2026-01-06T23:00:00.000+00:00",
"title": "CVE-2025-11966"
},
{
"cve": "CVE-2025-12183",
"product_status": {
"known_affected": [
"T049715",
"T049714",
"67646",
"T035705",
"T050520",
"T004914"
]
},
"release_date": "2026-01-06T23:00:00.000+00:00",
"title": "CVE-2025-12183"
},
{
"cve": "CVE-2025-66566",
"product_status": {
"known_affected": [
"T049715",
"T049714",
"67646",
"T035705",
"T050520",
"T004914"
]
},
"release_date": "2026-01-06T23:00:00.000+00:00",
"title": "CVE-2025-66566"
}
]
}
WID-SEC-W-2026-0164
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-02-04 23:00Summary
Oracle Java SE: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0164 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0164.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0164 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0164"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle Java SE vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixJAVA"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 8 vom 2026-01-20",
"url": "https://github.com/corretto/corretto-8/blob/8.482.08.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Change Log for Amazon Corretto 11 vom 2026-01-20",
"url": "https://github.com/corretto/corretto-11/blob/11.0.30.7.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Azul Zulu builds of OpenJDK - January 2026 Quarterly Update",
"url": "https://docs.azul.com/core/pdfs/january-2026/azul-zulu-ca-release-notes-january-2026-rev1.0.pdf"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0848 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0848"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0927 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0927"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0849 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0849"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0847 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0847"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0927 vom 2026-01-22",
"url": "https://linux.oracle.com/errata/ELSA-2026-0927.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0928 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0928"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0927 vom 2026-01-23",
"url": "https://errata.build.resf.org/RLSA-2026:0927"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0928 vom 2026-01-23",
"url": "https://errata.build.resf.org/RLSA-2026:0928"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6110 vom 2026-01-25",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00019.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0928 vom 2026-01-23",
"url": "http://linux.oracle.com/errata/ELSA-2026-0928.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4457 vom 2026-01-26",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00029.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0932 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0932"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0898 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0898"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0897 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0897"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6112 vom 2026-01-27",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00021.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0900 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0900"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4456 vom 2026-01-26",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00028.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0899 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0899"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0901 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0901"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0896 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0896"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0931 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0931"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0895 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0895"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0933 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:0933"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0932 vom 2026-01-27",
"url": "https://errata.build.resf.org/RLSA-2026:0932"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258042 vom 2026-01-26",
"url": "https://www.ibm.com/support/pages/node/7258042"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258025 vom 2026-01-26",
"url": "https://www.ibm.com/support/pages/node/7258025"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10093-1 vom 2026-01-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DYXZQCWXWQDRW4DHVAGCG2J73SA27W5O/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10091-1 vom 2026-01-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CGS2RS52V5KQQQCEGK24MAXSHABJIWTF/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10092-1 vom 2026-01-27",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IWJT2INRPEEFPSE2YAYZEKLRS6UQUNF5/"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2026-02 vom 2026-01-27",
"url": "https://de.tenable.com/security/tns-2026-02"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0932 vom 2026-01-27",
"url": "https://linux.oracle.com/errata/ELSA-2026-0932.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10108-1 vom 2026-01-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S7CDPZVRFL4SBFCJW4WIXCZCXZRWVTTN/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0342-1 vom 2026-01-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023990.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0341-1 vom 2026-01-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023991.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7259422 vom 2026-02-02",
"url": "https://www.ibm.com/support/pages/node/7259422"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1606 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1606"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8003-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-8003-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8002-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-8002-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8001-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-8001-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8000-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-8000-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7995-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-7995-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7996-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-7996-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7997-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-7997-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7998-1 vom 2026-02-03",
"url": "https://ubuntu.com/security/notices/USN-7998-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20190-1 vom 2026-02-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024026.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20199-1 vom 2026-02-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024020.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0363-1 vom 2026-02-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024035.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20134-1 vom 2026-02-03",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6HBUYV33ZTE6ADPCQZM6HMW2XG7WQETD/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10134-1 vom 2026-02-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4Z3UR6PG63OYY7IV4AAM2MZ4DMWZEWHO/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10136-1 vom 2026-02-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6MZSBZI33V52BT5HAQ2MZPR3L3M5D7EB/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10133-1 vom 2026-02-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ISR24KNJXAKOAXEUS5RCDFFCRLEKUVXP/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10135-1 vom 2026-02-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KZ5K6IBQB2ADSD26EDHXRFXMJK6DGJSD/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10137-1 vom 2026-02-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZDLTBTE6W5WTWIKXD72QA22655BXNXO4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0382-1 vom 2026-02-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024059.html"
}
],
"source_lang": "en-US",
"title": "Oracle Java SE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-04T23:00:00.000+00:00",
"generator": {
"date": "2026-02-05T09:39:51.069+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0164",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian und Oracle Linux aufgenommen"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Debian, Red Hat, Rocky Enterprise Software Foundation und IBM aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von openSUSE, Tenable und Oracle Linux aufgenommen"
},
{
"date": "2026-01-29T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von openSUSE und SUSE aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM, Red Hat und Ubuntu aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von openSUSE und SUSE aufgenommen"
}
],
"status": "final",
"version": "10"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.482.08.1",
"product": {
"name": "Amazon Corretto \u003c8.482.08.1",
"product_id": "T050211"
}
},
{
"category": "product_version",
"name": "8.482.08.1",
"product": {
"name": "Amazon Corretto 8.482.08.1",
"product_id": "T050211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:8.482.08.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.30.7.1",
"product": {
"name": "Amazon Corretto \u003c11.0.30.7.1",
"product_id": "T050212"
}
},
{
"category": "product_version",
"name": "11.0.30.7.1",
"product": {
"name": "Amazon Corretto 11.0.30.7.1",
"product_id": "T050212-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:11.0.30.7.1"
}
}
}
],
"category": "product_name",
"name": "Corretto"
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Azul Zulu",
"product": {
"name": "Azul Zulu",
"product_id": "T036273",
"product_identification_helper": {
"cpe": "cpe:/a:azul:zulu:-"
}
}
}
],
"category": "vendor",
"name": "Azul"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Java SDK",
"product": {
"name": "IBM Java SDK",
"product_id": "10695",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jdk:-"
}
}
},
{
"category": "product_name",
"name": "IBM WebSphere Application Server",
"product": {
"name": "IBM WebSphere Application Server",
"product_id": "T000377",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:-"
}
}
},
{
"category": "product_name",
"name": "IBM WebSphere Service Registry and Repository",
"product": {
"name": "IBM WebSphere Service Registry and Repository",
"product_id": "T048917",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_service_registry_and_repository:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source OpenJDK",
"product": {
"name": "Open Source OpenJDK",
"product_id": "580789",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:openjdk:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "for JDK 17.0.17",
"product": {
"name": "Oracle GraalVM for JDK 17.0.17",
"product_id": "T050203",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:for_jdk_17.0.17"
}
}
},
{
"category": "product_version",
"name": "for JDK 21.0.9",
"product": {
"name": "Oracle GraalVM for JDK 21.0.9",
"product_id": "T050204",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:for_jdk_21.0.9"
}
}
},
{
"category": "product_version",
"name": "Enterprise Edition 21.3.16",
"product": {
"name": "Oracle GraalVM Enterprise Edition 21.3.16",
"product_id": "T050205",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:enterprise_edition_21.3.16"
}
}
}
],
"category": "product_name",
"name": "GraalVM"
},
{
"branches": [
{
"category": "product_version",
"name": "11.0.29",
"product": {
"name": "Oracle Java SE 11.0.29",
"product_id": "T050145",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:11.0.29"
}
}
},
{
"category": "product_version",
"name": "17.0.17",
"product": {
"name": "Oracle Java SE 17.0.17",
"product_id": "T050146",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:17.0.17"
}
}
},
{
"category": "product_version",
"name": "21.0.9",
"product": {
"name": "Oracle Java SE 21.0.9",
"product_id": "T050147",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:21.0.9"
}
}
},
{
"category": "product_version",
"name": "8u471-b50",
"product": {
"name": "Oracle Java SE 8u471-b50",
"product_id": "T050199",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u471-b50"
}
}
},
{
"category": "product_version",
"name": "8u471",
"product": {
"name": "Oracle Java SE 8u471",
"product_id": "T050200",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u471"
}
}
},
{
"category": "product_version",
"name": "8u471-perf",
"product": {
"name": "Oracle Java SE 8u471-perf",
"product_id": "T050201",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u471-perf"
}
}
},
{
"category": "product_version",
"name": "25.0.1",
"product": {
"name": "Oracle Java SE 25.0.1",
"product_id": "T050202",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:25.0.1"
}
}
}
],
"category": "product_name",
"name": "Java SE"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.5.3",
"product": {
"name": "Tenable Security Nessus Network Monitor \u003c6.5.3",
"product_id": "T050330"
}
},
{
"category": "product_version",
"name": "6.5.3",
"product": {
"name": "Tenable Security Nessus Network Monitor 6.5.3",
"product_id": "T050330-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus_network_monitor:6.5.3"
}
}
}
],
"category": "product_name",
"name": "Nessus Network Monitor"
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12183",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-12183"
},
{
"cve": "CVE-2025-43368",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-43368"
},
{
"cve": "CVE-2025-47219",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-47219"
},
{
"cve": "CVE-2025-6021",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6052",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-6052"
},
{
"cve": "CVE-2025-7425",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-7425"
},
{
"cve": "CVE-2026-21925",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21925"
},
{
"cve": "CVE-2026-21932",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21932"
},
{
"cve": "CVE-2026-21933",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21933"
},
{
"cve": "CVE-2026-21945",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21945"
},
{
"cve": "CVE-2026-21947",
"product_status": {
"known_affected": [
"67646",
"T050212",
"T004914",
"T050330",
"T050211",
"T050199",
"T048917",
"T050205",
"T000377",
"10695",
"T050147",
"T050202",
"T050146",
"T050201",
"T050204",
"T050203",
"T032255",
"T050145",
"T050200",
"T036273",
"2951",
"T002207",
"T000126",
"580789",
"T027843"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21947"
}
]
}
CERTFR-2026-AVI-0069
Vulnerability from certfr_avis - Published: 2026-01-21 - Updated: 2026-01-21
De multiples vulnérabilités ont été découvertes dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Java SE | Oracle Java SE versions 11.0.29, 17.0.17, 21.0.9 et 25.0.1 | ||
| Oracle | Java SE | Oracle JDK Mission Control version 9.1.1 | ||
| Oracle | Java SE | Oracle Java SE versions 8u471, 8u471-b50 et 8u471-perf | ||
| Oracle | Java SE | Oracle GraalVM Enterprise Edition version 21.3.16 | ||
| Oracle | Java SE | Oracle GraalVM pour JDK versions 17.0.17 et 21.0.9 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Java SE versions 11.0.29, 17.0.17, 21.0.9 et 25.0.1",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle JDK Mission Control version 9.1.1",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE versions 8u471, 8u471-b50 et 8u471-perf",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM Enterprise Edition version 21.3.16",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM pour JDK versions 17.0.17 et 21.0.9",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-47219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47219"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-43368",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43368"
},
{
"name": "CVE-2025-43356",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43356"
},
{
"name": "CVE-2025-43272",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43272"
},
{
"name": "CVE-2025-47183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47183"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2025-43342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43342"
},
{
"name": "CVE-2026-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21947"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-12183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12183"
}
],
"initial_release_date": "2026-01-21T00:00:00",
"last_revision_date": "2026-01-21T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0069",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-01-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Java SE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": "2026-01-20",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Java SE cpujan2026",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html"
}
]
}
NCSC-2026-0030
Vulnerability from csaf_ncscnl - Published: 2026-01-21 10:11 - Updated: 2026-01-21 10:11Summary
Kwetsbaarheden verholpen in Oracle Java
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Oracle Java SE.
Interpretaties
De kwetsbaarheden, met name in de JavaFX-component, stellen ongeauthenticeerde aanvallers in staat om systemen te compromitteren via onbetrouwbare code, wat kan leiden tot Denial of Service (DoS) aanvallen en ongeautoriseerde toegang tot gevoelige gegevens. De exploitatie van deze kwetsbaarheden vereist menselijke interactie, wat de complexiteit van de aanval verhoogt.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-121
Stack-based Buffer Overflow
CWE-125
Out-of-bounds Read
CWE-190
Integer Overflow or Wraparound
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-416
Use After Free
CWE-787
Out-of-bounds Write
CWE-937
CWE-937
CWE-1035
CWE-1035
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Oracle Java SE.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden, met name in de JavaFX-component, stellen ongeauthenticeerde aanvallers in staat om systemen te compromitteren via onbetrouwbare code, wat kan leiden tot Denial of Service (DoS) aanvallen en ongeautoriseerde toegang tot gevoelige gegevens. De exploitatie van deze kwetsbaarheden vereist menselijke interactie, wat de complexiteit van de aanval verhoogt.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "general",
"text": "CWE-1035",
"title": "CWE-1035"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Java",
"tracking": {
"current_release_date": "2026-01-21T10:11:39.759123Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2026-0030",
"initial_release_date": "2026-01-21T10:11:39.759123Z",
"revision_history": [
{
"date": "2026-01-21T10:11:39.759123Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Oracle GraalVM Enterprise Edition"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Oracle GraalVM for JDK"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Oracle JDK Mission Control"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Oracle Java SE"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Java SE, libxml2, and Oracle Communications Cloud Native Core Certificate Management could lead to denial of service through various exploits, affecting system integrity and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6021 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6021.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6052",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Java SE and GLib\u0027s GString memory management expose systems to potential denial of service and memory corruption risks, with specific integer overflow issues identified.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6052 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6052.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2025-6052"
},
{
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Java SE, Oracle Communications Cloud Native Core, and libxslt expose systems to significant risks, including unauthorized data manipulation and application crashes.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7425 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2025-7425"
},
{
"cve": "CVE-2025-12183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Oracle JDK Mission Control and lz4-java allow unauthorized access and denial of service through untrusted input, with varying severity and required versions for mitigation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-12183 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-12183.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2025-12183"
},
{
"cve": "CVE-2025-43368",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Java SE and WebKitGTK components highlight significant security risks, including a critical flaw in JavaFX allowing unauthenticated access and multiple use-after-free issues in web browsers leading to potential crashes.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-43368 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43368.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2025-43368"
},
{
"cve": "CVE-2025-47219",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Java SE and GStreamer components expose systems to unauthorized data access and information disclosure through flawed parsing mechanisms and memory handling.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47219 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47219.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2025-47219"
},
{
"cve": "CVE-2026-21925",
"notes": [
{
"category": "description",
"text": "A vulnerability in Oracle Java SE and Oracle GraalVM products allows unauthenticated attackers with network access to compromise data, potentially leading to unauthorized access and modifications across several supported versions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21925 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21925.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2026-21925"
},
{
"cve": "CVE-2026-21932",
"notes": [
{
"category": "description",
"text": "A vulnerability in Oracle Java SE and GraalVM products allows unauthenticated network attackers to compromise systems, affecting versions 8u471, 11.0.29, 17.0.17, and 21.0.9, with a CVSS score of 7.4.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21932 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21932.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2026-21932"
},
{
"cve": "CVE-2026-21933",
"notes": [
{
"category": "description",
"text": "A vulnerability in Oracle Java SE and Oracle GraalVM products allows unauthenticated attackers with network access to compromise systems, potentially leading to unauthorized data access requiring human interaction for exploitation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21933 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21933.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2026-21933"
},
{
"cve": "CVE-2026-21945",
"notes": [
{
"category": "description",
"text": "A vulnerability in Oracle Java SE and Oracle GraalVM products enables unauthenticated attackers to execute denial of service attacks, particularly in environments running untrusted code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21945 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21945.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2026-21945"
},
{
"cve": "CVE-2026-21947",
"notes": [
{
"category": "description",
"text": "A vulnerability in Oracle Java SE (JavaFX component) version 8u471-b50 allows unauthenticated attackers with network access to compromise systems, requiring human interaction for exploitation and potentially leading to unauthorized data access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-21947 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-21947.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4"
]
}
],
"title": "CVE-2026-21947"
}
]
}
FKIE_CVE-2025-12183
Vulnerability from fkie_nvd - Published: 2025-11-28 16:15 - Updated: 2025-12-29 13:15
Severity ?
Summary
Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input."
}
],
"id": "CVE-2025-12183",
"lastModified": "2025-12-29T13:15:40.550",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "103e4ec9-0a87-450b-af77-479448ddef11",
"type": "Secondary"
}
]
},
"published": "2025-11-28T16:15:51.823",
"references": [
{
"source": "103e4ec9-0a87-450b-af77-479448ddef11",
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
},
{
"source": "103e4ec9-0a87-450b-af77-479448ddef11",
"url": "https://www.sonatype.com/security-advisories/cve-2025-12183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2025/12/01/5"
}
],
"sourceIdentifier": "103e4ec9-0a87-450b-af77-479448ddef11",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "103e4ec9-0a87-450b-af77-479448ddef11",
"type": "Secondary"
}
]
}
GHSA-VQF4-7M7X-WGFC
Vulnerability from github – Published: 2025-11-28 18:30 – Updated: 2025-12-31 22:00
VLAI?
Summary
LZ4 Java Compression has Out-of-bounds memory operations which can cause DoS
Details
Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.
This is fixed in a forked release: at.yawk.lz4:lz4-java version 1.8.1. The original project has been archived: https://github.com/lz4/lz4-java, and Sonatype has added a redirect from org.lz4:lz4-java:1.8.1 to the new group ID.
Severity ?
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "at.yawk.lz4:lz4-java"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.lz4:lz4-java"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.lz4:lz4-pure-java"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.8.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "net.jpountz.lz4:lz4"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "1.3.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-12183"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": true,
"github_reviewed_at": "2025-12-03T14:00:28Z",
"nvd_published_at": "2025-11-28T16:15:51Z",
"severity": "HIGH"
},
"details": "Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.\n\nThis is fixed in a forked release: at.yawk.lz4:lz4-java version 1.8.1. The original project has been archived: https://github.com/lz4/lz4-java, and Sonatype has added a redirect from org.lz4:lz4-java:1.8.1 to the new group ID.",
"id": "GHSA-vqf4-7m7x-wgfc",
"modified": "2025-12-31T22:00:12Z",
"published": "2025-11-28T18:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12183"
},
{
"type": "PACKAGE",
"url": "https://github.com/yawkat/lz4-java"
},
{
"type": "WEB",
"url": "https://github.com/yawkat/lz4-java/releases/tag/v1.8.1"
},
{
"type": "WEB",
"url": "https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-12183"
},
{
"type": "WEB",
"url": "https://www.sonatype.com/security-advisories/cve-2025-12183"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/12/01/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "LZ4 Java Compression has Out-of-bounds memory operations which can cause DoS"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…